diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-27 17:30:24 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-27 17:30:24 +0200 |
| commit | 8ff1386df120119927ae8d211b154d1412bb2870 (patch) | |
| tree | 37e1e6d50e2f247426eda698c5a8359c145c59a7 /tunnel | |
| parent | ui: do not pass pointer into closure from loop (diff) | |
| download | wireguard-windows-8ff1386df120119927ae8d211b154d1412bb2870.tar.xz wireguard-windows-8ff1386df120119927ae8d211b154d1412bb2870.zip | |
global: several helpers are now upstream
Diffstat (limited to 'tunnel')
| -rw-r--r-- | tunnel/firewall/helpers.go | 12 |
1 files changed, 1 insertions, 11 deletions
diff --git a/tunnel/firewall/helpers.go b/tunnel/firewall/helpers.go index 6bc71806..ee783c2d 100644 --- a/tunnel/firewall/helpers.go +++ b/tunnel/firewall/helpers.go @@ -87,22 +87,12 @@ func getCurrentProcessSecurityDescriptor() (*wtFwpByteBlob, error) { if g.Attributes != windows.SE_GROUP_ENABLED|windows.SE_GROUP_ENABLED_BY_DEFAULT|windows.SE_GROUP_OWNER { continue } - if *(*byte)(unsafe.Pointer(g.Sid)) != 1 { // The revision. - continue - } - if *getSidIdentifierAuthority(g.Sid) != windows.SECURITY_NT_AUTHORITY { - continue - } // We could be checking != 6, but hopefully Microsoft will update // RtlCreateServiceSid to use SHA2, which will then likely bump // this up. So instead just roll with a minimum. - if *getSidSubAuthorityCount(g.Sid) < 6 { + if !g.Sid.IsValid() || g.Sid.IdentifierAuthority() != windows.SECURITY_NT_AUTHORITY || g.Sid.SubAuthorityCount() < 6 || g.Sid.SubAuthority(0) != 80 { continue } - if *getSidSubAuthority(g.Sid, 0) != 80 { - continue - } - sid = g.Sid break } |