From bba4646b11fa8b18649d04d02e6dae333bd9008d Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Mon, 27 May 2019 17:30:24 +0200
Subject: global: several helpers are now upstream

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 tunnel/firewall/helpers.go | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

(limited to 'tunnel')

diff --git a/tunnel/firewall/helpers.go b/tunnel/firewall/helpers.go
index 6bc71806..ee783c2d 100644
--- a/tunnel/firewall/helpers.go
+++ b/tunnel/firewall/helpers.go
@@ -87,22 +87,12 @@ func getCurrentProcessSecurityDescriptor() (*wtFwpByteBlob, error) {
 		if g.Attributes != windows.SE_GROUP_ENABLED|windows.SE_GROUP_ENABLED_BY_DEFAULT|windows.SE_GROUP_OWNER {
 			continue
 		}
-		if *(*byte)(unsafe.Pointer(g.Sid)) != 1 { // The revision.
-			continue
-		}
-		if *getSidIdentifierAuthority(g.Sid) != windows.SECURITY_NT_AUTHORITY {
-			continue
-		}
 		// We could be checking != 6, but hopefully Microsoft will update
 		// RtlCreateServiceSid to use SHA2, which will then likely bump
 		// this up. So instead just roll with a minimum.
-		if *getSidSubAuthorityCount(g.Sid) < 6 {
+		if !g.Sid.IsValid() || g.Sid.IdentifierAuthority() != windows.SECURITY_NT_AUTHORITY || g.Sid.SubAuthorityCount() < 6 || g.Sid.SubAuthority(0) != 80 {
 			continue
 		}
-		if *getSidSubAuthority(g.Sid, 0) != 80 {
-			continue
-		}
-
 		sid = g.Sid
 		break
 	}
-- 
cgit v1.2.3-59-g8ed1b