mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9938 Commits
17 Branches
Tree: 51463a0a09
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '51463a0a09'
${ noResults }
gitea/vendor/github.com/quasoft/websspi/win32_windows.go

win32_windows.go 8.2KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312 
  1. package websspi

  2. 

  3. import (

  4. 	"syscall"

  5. 	"unsafe"

  6. 

  7. 	"golang.org/x/sys/windows"

  8. )

  9. 

  10. // secur32.dll

  11. 

  12. type SECURITY_STATUS syscall.Errno

  13. 

  14. const (

  15. 	SEC_E_OK = SECURITY_STATUS(0)

  16. 

  17. 	SEC_E_INCOMPLETE_MESSAGE          = SECURITY_STATUS(0x80090318)

  18. 	SEC_E_INSUFFICIENT_MEMORY         = SECURITY_STATUS(0x80090300)

  19. 	SEC_E_INTERNAL_ERROR              = SECURITY_STATUS(0x80090304)

  20. 	SEC_E_INVALID_HANDLE              = SECURITY_STATUS(0x80090301)

  21. 	SEC_E_INVALID_TOKEN               = SECURITY_STATUS(0x80090308)

  22. 	SEC_E_LOGON_DENIED                = SECURITY_STATUS(0x8009030C)

  23. 	SEC_E_NO_AUTHENTICATING_AUTHORITY = SECURITY_STATUS(0x80090311)

  24. 	SEC_E_NO_CREDENTIALS              = SECURITY_STATUS(0x8009030E)

  25. 	SEC_E_UNSUPPORTED_FUNCTION        = SECURITY_STATUS(0x80090302)

  26. 	SEC_I_COMPLETE_AND_CONTINUE       = SECURITY_STATUS(0x00090314)

  27. 	SEC_I_COMPLETE_NEEDED             = SECURITY_STATUS(0x00090313)

  28. 	SEC_I_CONTINUE_NEEDED             = SECURITY_STATUS(0x00090312)

  29. 	SEC_E_NOT_OWNER                   = SECURITY_STATUS(0x80090306)

  30. 	SEC_E_SECPKG_NOT_FOUND            = SECURITY_STATUS(0x80090305)

  31. 	SEC_E_UNKNOWN_CREDENTIALS         = SECURITY_STATUS(0x8009030D)

  32. 

  33. 	NEGOSSP_NAME         = "Negotiate"

  34. 	SECPKG_CRED_INBOUND  = 1

  35. 	SECURITY_NATIVE_DREP = 16

  36. 

  37. 	ASC_REQ_DELEGATE        = 1

  38. 	ASC_REQ_MUTUAL_AUTH     = 2

  39. 	ASC_REQ_REPLAY_DETECT   = 4

  40. 	ASC_REQ_SEQUENCE_DETECT = 8

  41. 	ASC_REQ_CONFIDENTIALITY = 16

  42. 	ASC_REQ_USE_SESSION_KEY = 32

  43. 	ASC_REQ_ALLOCATE_MEMORY = 256

  44. 	ASC_REQ_USE_DCE_STYLE   = 512

  45. 	ASC_REQ_DATAGRAM        = 1024

  46. 	ASC_REQ_CONNECTION      = 2048

  47. 	ASC_REQ_EXTENDED_ERROR  = 32768

  48. 	ASC_REQ_STREAM          = 65536

  49. 	ASC_REQ_INTEGRITY       = 131072

  50. 

  51. 	SECPKG_ATTR_SIZES            = 0

  52. 	SECPKG_ATTR_NAMES            = 1

  53. 	SECPKG_ATTR_LIFESPAN         = 2

  54. 	SECPKG_ATTR_DCE_INFO         = 3

  55. 	SECPKG_ATTR_STREAM_SIZES     = 4

  56. 	SECPKG_ATTR_KEY_INFO         = 5

  57. 	SECPKG_ATTR_AUTHORITY        = 6

  58. 	SECPKG_ATTR_PROTO_INFO       = 7

  59. 	SECPKG_ATTR_PASSWORD_EXPIRY  = 8

  60. 	SECPKG_ATTR_SESSION_KEY      = 9

  61. 	SECPKG_ATTR_PACKAGE_INFO     = 10

  62. 	SECPKG_ATTR_USER_FLAGS       = 11

  63. 	SECPKG_ATTR_NEGOTIATION_INFO = 12

  64. 	SECPKG_ATTR_NATIVE_NAMES     = 13

  65. 	SECPKG_ATTR_FLAGS            = 14

  66. 

  67. 	SECBUFFER_VERSION = 0

  68. 	SECBUFFER_TOKEN   = 2

  69. )

  70. 

  71. type CredHandle struct {

  72. 	Lower uintptr

  73. 	Upper uintptr

  74. }

  75. 

  76. type CtxtHandle struct {

  77. 	Lower uintptr

  78. 	Upper uintptr

  79. }

  80. 

  81. type SecBuffer struct {

  82. 	BufferSize uint32

  83. 	BufferType uint32

  84. 	Buffer     *byte

  85. }

  86. 

  87. type SecBufferDesc struct {

  88. 	Version      uint32

  89. 	BuffersCount uint32

  90. 	Buffers      *SecBuffer

  91. }

  92. 

  93. type LUID struct {

  94. 	LowPart  uint32

  95. 	HighPart int32

  96. }

  97. 

  98. type SecPkgContext_Names struct {

  99. 	UserName *uint16

  100. }

  101. 

  102. type SecPkgContext_Flags struct {

  103. 	Flags uint32

  104. }

  105. 

  106. // netapi32.dll

  107. 

  108. const (

  109. 	NERR_Success       = 0x0

  110. 	NERR_InternalError = 0x85C

  111. 	NERR_UserNotFound  = 0x8AD

  112. 

  113. 	ERROR_ACCESS_DENIED     = 0x5

  114. 	ERROR_BAD_NETPATH       = 0x35

  115. 	ERROR_INVALID_LEVEL     = 0x7C

  116. 	ERROR_INVALID_NAME      = 0x7B

  117. 	ERROR_MORE_DATA         = 0xEA

  118. 	ERROR_NOT_ENOUGH_MEMORY = 0x8

  119. 

  120. 	MAX_PREFERRED_LENGTH  = 0xFFFFFFFF

  121. 	MAX_GROUP_NAME_LENGTH = 256

  122. 

  123. 	SE_GROUP_MANDATORY          = 0x1

  124. 	SE_GROUP_ENABLED_BY_DEFAULT = 0x2

  125. 	SE_GROUP_ENABLED            = 0x4

  126. 	SE_GROUP_OWNER              = 0x8

  127. 	SE_GROUP_USE_FOR_DENY_ONLY  = 0x10

  128. 	SE_GROUP_INTEGRITY          = 0x20

  129. 	SE_GROUP_INTEGRITY_ENABLED  = 0x40

  130. 	SE_GROUP_LOGON_ID           = 0xC0000000

  131. 	SE_GROUP_RESOURCE           = 0x20000000

  132. )

  133. 

  134. type GroupUsersInfo0 struct {

  135. 	Grui0_name *uint16

  136. }

  137. 

  138. type GroupUsersInfo1 struct {

  139. 	Grui1_name       *uint16

  140. 	Grui1_attributes uint32

  141. }

  142. 

  143. // The API interface describes the Win32 functions used in this package and

  144. // its primary purpose is to allow replacing them with stub functions in unit tests.

  145. type API interface {

  146. 	AcquireCredentialsHandle(

  147. 		principal *uint16,

  148. 		_package *uint16,

  149. 		credentialUse uint32,

  150. 		logonID *LUID,

  151. 		authData *byte,

  152. 		getKeyFn uintptr,

  153. 		getKeyArgument uintptr,

  154. 		credHandle *CredHandle,

  155. 		expiry *syscall.Filetime,

  156. 	) SECURITY_STATUS

  157. 	AcceptSecurityContext(

  158. 		credential *CredHandle,

  159. 		context *CtxtHandle,

  160. 		input *SecBufferDesc,

  161. 		contextReq uint32,

  162. 		targDataRep uint32,

  163. 		newContext *CtxtHandle,

  164. 		output *SecBufferDesc,

  165. 		contextAttr *uint32,

  166. 		expiry *syscall.Filetime,

  167. 	) SECURITY_STATUS

  168. 	QueryContextAttributes(context *CtxtHandle, attribute uint32, buffer *byte) SECURITY_STATUS

  169. 	DeleteSecurityContext(context *CtxtHandle) SECURITY_STATUS

  170. 	FreeContextBuffer(buffer *byte) SECURITY_STATUS

  171. 	FreeCredentialsHandle(handle *CredHandle) SECURITY_STATUS

  172. 	NetUserGetGroups(

  173. 		serverName *uint16,

  174. 		userName *uint16,

  175. 		level uint32,

  176. 		buf **byte,

  177. 		prefmaxlen uint32,

  178. 		entriesread *uint32,

  179. 		totalentries *uint32,

  180. 	) (neterr error)

  181. 	NetApiBufferFree(buf *byte) (neterr error)

  182. }

  183. 

  184. // Win32 implements the API interface by calling the relevant system functions

  185. // from secur32.dll and netapi32.dll

  186. type Win32 struct{}

  187. 

  188. var (

  189. 	secur32dll  = windows.NewLazySystemDLL("secur32.dll")

  190. 	netapi32dll = windows.NewLazySystemDLL("netapi32.dll")

  191. 

  192. 	procAcquireCredentialsHandleW = secur32dll.NewProc("AcquireCredentialsHandleW")

  193. 	procAcceptSecurityContext     = secur32dll.NewProc("AcceptSecurityContext")

  194. 	procQueryContextAttributesW   = secur32dll.NewProc("QueryContextAttributesW")

  195. 	procDeleteSecurityContext     = secur32dll.NewProc("DeleteSecurityContext")

  196. 	procFreeContextBuffer         = secur32dll.NewProc("FreeContextBuffer")

  197. 	procFreeCredentialsHandle     = secur32dll.NewProc("FreeCredentialsHandle")

  198. 	procNetUserGetGroups          = netapi32dll.NewProc("NetUserGetGroups")

  199. )

  200. 

  201. func (w *Win32) AcquireCredentialsHandle(

  202. 	principal *uint16,

  203. 	_package *uint16,

  204. 	credentialUse uint32,

  205. 	logonId *LUID,

  206. 	authData *byte,

  207. 	getKeyFn uintptr,

  208. 	getKeyArgument uintptr,

  209. 	credHandle *CredHandle,

  210. 	expiry *syscall.Filetime,

  211. ) SECURITY_STATUS {

  212. 	r1, _, _ := syscall.Syscall9(

  213. 		procAcquireCredentialsHandleW.Addr(), 9,

  214. 		uintptr(unsafe.Pointer(principal)),

  215. 		uintptr(unsafe.Pointer(_package)),

  216. 		uintptr(credentialUse),

  217. 		uintptr(unsafe.Pointer(logonId)),

  218. 		uintptr(unsafe.Pointer(authData)),

  219. 		uintptr(getKeyFn),

  220. 		uintptr(getKeyArgument),

  221. 		uintptr(unsafe.Pointer(credHandle)),

  222. 		uintptr(unsafe.Pointer(expiry)),

  223. 	)

  224. 	return SECURITY_STATUS(r1)

  225. }

  226. 

  227. func (w *Win32) AcceptSecurityContext(

  228. 	credential *CredHandle,

  229. 	context *CtxtHandle,

  230. 	input *SecBufferDesc,

  231. 	contextReq uint32,

  232. 	targDataRep uint32,

  233. 	newContext *CtxtHandle,

  234. 	output *SecBufferDesc,

  235. 	contextAttr *uint32,

  236. 	expiry *syscall.Filetime,

  237. ) SECURITY_STATUS {

  238. 	r1, _, _ := syscall.Syscall9(

  239. 		procAcceptSecurityContext.Addr(), 9,

  240. 		uintptr(unsafe.Pointer(credential)),

  241. 		uintptr(unsafe.Pointer(context)),

  242. 		uintptr(unsafe.Pointer(input)),

  243. 		uintptr(contextReq),

  244. 		uintptr(targDataRep),

  245. 		uintptr(unsafe.Pointer(newContext)),

  246. 		uintptr(unsafe.Pointer(output)),

  247. 		uintptr(unsafe.Pointer(contextAttr)),

  248. 		uintptr(unsafe.Pointer(expiry)),

  249. 	)

  250. 	return SECURITY_STATUS(r1)

  251. }

  252. 

  253. func (w *Win32) QueryContextAttributes(

  254. 	context *CtxtHandle,

  255. 	attribute uint32,

  256. 	buffer *byte,

  257. ) SECURITY_STATUS {

  258. 	r1, _, _ := syscall.Syscall(

  259. 		procQueryContextAttributesW.Addr(), 3,

  260. 		uintptr(unsafe.Pointer(context)),

  261. 		uintptr(attribute),

  262. 		uintptr(unsafe.Pointer(buffer)),

  263. 	)

  264. 	return SECURITY_STATUS(r1)

  265. }

  266. 

  267. func (w *Win32) DeleteSecurityContext(context *CtxtHandle) SECURITY_STATUS {

  268. 	r1, _, _ := syscall.Syscall(

  269. 		procDeleteSecurityContext.Addr(), 1,

  270. 		uintptr(unsafe.Pointer(context)),

  271. 		0, 0,

  272. 	)

  273. 	return SECURITY_STATUS(r1)

  274. }

  275. 

  276. func (w *Win32) FreeContextBuffer(buffer *byte) SECURITY_STATUS {

  277. 	r1, _, _ := syscall.Syscall(

  278. 		procFreeContextBuffer.Addr(), 1,

  279. 		uintptr(unsafe.Pointer(buffer)),

  280. 		0, 0,

  281. 	)

  282. 	return SECURITY_STATUS(r1)

  283. }

  284. 

  285. func (w *Win32) FreeCredentialsHandle(handle *CredHandle) SECURITY_STATUS {

  286. 	r1, _, _ := syscall.Syscall(

  287. 		procFreeCredentialsHandle.Addr(), 1,

  288. 		uintptr(unsafe.Pointer(handle)),

  289. 		0, 0,

  290. 	)

  291. 	return SECURITY_STATUS(r1)

  292. }

  293. 

  294. func (w *Win32) NetUserGetGroups(

  295. 	serverName *uint16,

  296. 	userName *uint16,

  297. 	level uint32,

  298. 	buf **byte,

  299. 	prefmaxlen uint32,

  300. 	entriesread *uint32,

  301. 	totalentries *uint32,

  302. ) (neterr error) {

  303. 	r0, _, _ := syscall.Syscall9(procNetUserGetGroups.Addr(), 7, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(userName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(prefmaxlen), uintptr(unsafe.Pointer(entriesread)), uintptr(unsafe.Pointer(totalentries)), 0, 0)

  304. 	if r0 != 0 {

  305. 		neterr = syscall.Errno(r0)

  306. 	}

  307. 	return

  308. }

  309. 

  310. func (w *Win32) NetApiBufferFree(buf *byte) (neterr error) {

  311. 	return syscall.NetApiBufferFree(buf)

  312. }