diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-21 13:13:32 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-22 15:26:54 +0200 |
commit | ffa28be5eff6a109c8a6ae1ee6bd948ad794aee9 (patch) | |
tree | 25fa246ec63edfc6380239aae3a925905e984982 /tunnel/firewall/types_windows.go | |
parent | README: avoid confusion about downloads (diff) | |
download | wireguard-windows-ffa28be5eff6a109c8a6ae1ee6bd948ad794aee9.tar.xz wireguard-windows-ffa28be5eff6a109c8a6ae1ee6bd948ad794aee9.zip |
firewall: use service-specific SID
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'tunnel/firewall/types_windows.go')
-rw-r--r-- | tunnel/firewall/types_windows.go | 56 |
1 files changed, 48 insertions, 8 deletions
diff --git a/tunnel/firewall/types_windows.go b/tunnel/firewall/types_windows.go index e06f7d2b..6f86571f 100644 --- a/tunnel/firewall/types_windows.go +++ b/tunnel/firewall/types_windows.go @@ -393,14 +393,6 @@ type wtFwpmProvider0 struct { serviceName *uint16 } -type wtObjectType uint32 - -const ( - cSE_KERNEL_OBJECT wtObjectType = 6 - - cDACL_SECURITY_INFORMATION = 4 -) - type wtIfType uint32 const ( @@ -415,3 +407,51 @@ const ( cIPPROTO_TCP wtIPProto = 6 cIPPROTO_UDP wtIPProto = 17 ) + +type wtExplicitAccess struct { + accessPermissions uint32 + accessMode uint32 + inheritance uint32 + trustee wtTrustee +} + +type wtTrustee struct { + multipleTrustee *wtTrustee + multipleTrusteeOperation uint32 + trusteeForm uint32 + trusteeType uint32 + sid *windows.SID +} + +const ( + cTRUSTEE_IS_UNKNOWN = iota + cTRUSTEE_IS_USER + cTRUSTEE_IS_GROUP + cTRUSTEE_IS_DOMAIN + cTRUSTEE_IS_ALIAS + cTRUSTEE_IS_WELL_KNOWN_GROUP + cTRUSTEE_IS_DELETED + cTRUSTEE_IS_INVALID + cTRUSTEE_IS_COMPUTER +) +const ( + cTRUSTEE_IS_SID = iota + cTRUSTEE_IS_NAME + cTRUSTEE_BAD_FORM + cTRUSTEE_IS_OBJECTS_AND_SID + cTRUSTEE_IS_OBJECTS_AND_NAME +) + +const ( + cNOT_USED_ACCESS = iota + cGRANT_ACCESS + cSET_ACCESS + cDENY_ACCESS + cREVOKE_ACCESS + cSET_AUDIT_SUCCESS + cSET_AUDIT_FAILURE +) + +const ( + cFWP_ACTRL_MATCH_FILTER = 1 +) |