diff options
author | Odd Stranne <odd@mullvad.net> | 2019-05-07 13:28:43 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-08 08:31:00 +0200 |
commit | ac7e6296fe66de1e921cba2280beb298916f78e0 (patch) | |
tree | 4f56e733d923a21aeca134f1e350212573c4af9e /service/firewall/helpers.go | |
parent | firewall: add permitHyperV() (diff) | |
download | wireguard-windows-ac7e6296fe66de1e921cba2280beb298916f78e0.tar.xz wireguard-windows-ac7e6296fe66de1e921cba2280beb298916f78e0.zip |
firewall: remove unused code
Signed-off-by: Odd Stranne <odd@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'service/firewall/helpers.go')
-rw-r--r-- | service/firewall/helpers.go | 162 |
1 files changed, 35 insertions, 127 deletions
diff --git a/service/firewall/helpers.go b/service/firewall/helpers.go index f5cab009..cec61f44 100644 --- a/service/firewall/helpers.go +++ b/service/firewall/helpers.go @@ -10,135 +10,10 @@ import ( "golang.org/x/sys/windows" "runtime" "syscall" + "os" + "unsafe" ) -func (m wtFwpMatchType) String() string { - switch m { - case cFWP_MATCH_EQUAL: - return "FWP_MATCH_EQUAL" - case cFWP_MATCH_GREATER: - return "FWP_MATCH_GREATER" - case cFWP_MATCH_LESS: - return "FWP_MATCH_LESS" - case cFWP_MATCH_GREATER_OR_EQUAL: - return "FWP_MATCH_GREATER_OR_EQUAL" - case cFWP_MATCH_LESS_OR_EQUAL: - return "FWP_MATCH_LESS_OR_EQUAL" - case cFWP_MATCH_RANGE: - return "FWP_MATCH_RANGE" - case cFWP_MATCH_FLAGS_ALL_SET: - return "FWP_MATCH_FLAGS_ALL_SET" - case cFWP_MATCH_FLAGS_ANY_SET: - return "FWP_MATCH_FLAGS_ANY_SET" - case cFWP_MATCH_FLAGS_NONE_SET: - return "FWP_MATCH_FLAGS_NONE_SET" - case cFWP_MATCH_EQUAL_CASE_INSENSITIVE: - return "FWP_MATCH_EQUAL_CASE_INSENSITIVE" - case cFWP_MATCH_NOT_EQUAL: - return "FWP_MATCH_NOT_EQUAL" - case cFWP_MATCH_PREFIX: - return "FWP_MATCH_PREFIX" - case cFWP_MATCH_NOT_PREFIX: - return "FWP_MATCH_NOT_PREFIX" - case cFWP_MATCH_TYPE_MAX: - return "FWP_MATCH_TYPE_MAX" - default: - return fmt.Sprintf("FwpMatchType_UNKNOWN(%d)", m) - } -} - -func (ff wtFwpmFilterFlags) String() string { - switch ff { - case cFWPM_FILTER_FLAG_NONE: - return "FWPM_FILTER_FLAG_NONE" - case cFWPM_FILTER_FLAG_PERSISTENT: - return "FWPM_FILTER_FLAG_PERSISTENT" - case cFWPM_FILTER_FLAG_BOOTTIME: - return "FWPM_FILTER_FLAG_BOOTTIME" - case cFWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT: - return "FWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT" - case cFWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT: - return "FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT" - case cFWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED: - return "FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED" - case cFWPM_FILTER_FLAG_DISABLED: - return "FWPM_FILTER_FLAG_DISABLED" - case cFWPM_FILTER_FLAG_INDEXED: - return "FWPM_FILTER_FLAG_INDEXED" - case cFWPM_FILTER_FLAG_HAS_SECURITY_REALM_PROVIDER_CONTEXT: - return "FWPM_FILTER_FLAG_HAS_SECURITY_REALM_PROVIDER_CONTEXT" - case cFWPM_FILTER_FLAG_SYSTEMOS_ONLY: - return "FWPM_FILTER_FLAG_SYSTEMOS_ONLY" - case cFWPM_FILTER_FLAG_GAMEOS_ONLY: - return "FWPM_FILTER_FLAG_GAMEOS_ONLY" - case cFWPM_FILTER_FLAG_SILENT_MODE: - return "FWPM_FILTER_FLAG_SILENT_MODE" - case cFWPM_FILTER_FLAG_IPSEC_NO_ACQUIRE_INITIATE: - return "FWPM_FILTER_FLAG_IPSEC_NO_ACQUIRE_INITIATE" - default: - return fmt.Sprintf("FwpmFilterFlags_UNKNOWN(%d)", ff) - } -} - -func (dt wtFwpDataType) String() string { - switch dt { - case cFWP_EMPTY: - return "FWP_EMPTY" - case cFWP_UINT8: - return "FWP_UINT8" - case cFWP_UINT16: - return "FWP_UINT16" - case cFWP_UINT32: - return "FWP_UINT32" - case cFWP_UINT64: - return "FWP_UINT64" - case cFWP_INT8: - return "FWP_INT8" - case cFWP_INT16: - return "FWP_INT16" - case cFWP_INT32: - return "FWP_INT32" - case cFWP_INT64: - return "FWP_INT64" - case cFWP_FLOAT: - return "FWP_FLOAT" - case cFWP_DOUBLE: - return "FWP_DOUBLE" - case cFWP_BYTE_ARRAY16_TYPE: - return "FWP_BYTE_ARRAY16_TYPE" - case cFWP_BYTE_BLOB_TYPE: - return "FWP_BYTE_BLOB_TYPE" - case cFWP_SID: - return "FWP_SID" - case cFWP_SECURITY_DESCRIPTOR_TYPE: - return "FWP_SECURITY_DESCRIPTOR_TYPE" - case cFWP_TOKEN_INFORMATION_TYPE: - return "FWP_TOKEN_INFORMATION_TYPE" - case cFWP_TOKEN_ACCESS_INFORMATION_TYPE: - return "FWP_TOKEN_ACCESS_INFORMATION_TYPE" - case cFWP_UNICODE_STRING_TYPE: - return "FWP_UNICODE_STRING_TYPE" - case cFWP_BYTE_ARRAY6_TYPE: - return "FWP_BYTE_ARRAY6_TYPE" - case cFWP_BITMAP_INDEX_TYPE: - return "FWP_BITMAP_INDEX_TYPE" - case cFWP_BITMAP_ARRAY64_TYPE: - return "FWP_BITMAP_ARRAY64_TYPE" - case cFWP_SINGLE_DATA_TYPE_MAX: - return "FWP_SINGLE_DATA_TYPE_MAX" - case cFWP_V4_ADDR_MASK: - return "FWP_V4_ADDR_MASK" - case cFWP_V6_ADDR_MASK: - return "FWP_V6_ADDR_MASK" - case cFWP_RANGE_TYPE: - return "FWP_RANGE_TYPE" - case cFWP_DATA_TYPE_MAX: - return "FWP_DATA_TYPE_MAX" - default: - return fmt.Sprintf("FwpDataType_UNKNOWN(%d)", dt) - } -} - func runTransaction(session uintptr, operation wfpObjectInstaller) error { err := fwpmTransactionBegin0(session, 0) if err != nil { @@ -195,3 +70,36 @@ func wrapErr(err error) error { return fmt.Errorf("Firewall error at %s:%d: %v", file, line, err) } } + +func getCurrentProcessSecurityDescriptor() (*wtFwpByteBlob, error) { + procHandle, err := windows.GetCurrentProcess() + if err != nil { + panic(err) + } + blob := &wtFwpByteBlob{} + err = getSecurityInfo(procHandle, cSE_KERNEL_OBJECT, cDACL_SECURITY_INFORMATION, nil, nil, nil, nil, (*uintptr)(unsafe.Pointer(&blob.data))) + if err != nil { + return nil, wrapErr(err) + } + blob.size = getSecurityDescriptorLength(uintptr(unsafe.Pointer(blob.data))) + return blob, nil +} + +func getCurrentProcessAppId() (*wtFwpByteBlob, error) { + currentFile, err := os.Executable() + if err != nil { + return nil, wrapErr(err) + } + + curFilePtr, err := windows.UTF16PtrFromString(currentFile) + if err != nil { + return nil, wrapErr(err) + } + + var appId *wtFwpByteBlob + err = fwpmGetAppIdFromFileName0(curFilePtr, unsafe.Pointer(&appId)) + if err != nil { + return nil, wrapErr(err) + } + return appId, nil +} |