mirrors/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-04-04 21:57:44 +03:00
Code Issues Projects Releases Packages Wiki Activity

Fix failing tests on Windows

Browse source 
To simulate failures opening a cache file, fixtures are written without the read permission bits.
Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions.
Thankfully, there's a library to abstract that already.
This commit is contained in:
William Elwood 2019-11-07 09:15:16 +00:00 committed by Frank Denis
parent 77a4a3da90
commit 4324a09fc9
18 changed files with 602 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
dnscrypt-proxy/sources_test.go
View file

@ -13,8 +13,10 @@ import (
"testing"
"time"
"github.com/jedisct1/go-minisign"
"github.com/hectane/go-acl"
"github.com/powerman/check"
"github.com/jedisct1/go-minisign"
)
type SourceFixture struct {
@ -84,6 +86,9 @@ func writeSourceCache(t *testing.T, basePath string, fixtures []SourceFixture) {
if err := ioutil.WriteFile(path, f.content, perms); err != nil {
t.Fatalf("Unable to write cache file %s: %v", path, err)
}
if err := acl.Chmod(path, perms); err != nil {
t.Fatalf("Unable to set permissions on cache file %s: %v", path, err)
}
if f.mtime.IsZero() {
continue
}
@ -96,7 +101,7 @@ func writeSourceCache(t *testing.T, basePath string, fixtures []SourceFixture) {
func checkSourceCache(c *check.C, basePath string, fixtures []SourceFixture) {
for _, f := range fixtures {
path := basePath + f.suffix
_ = os.Chmod(path, 0644) // don't worry if this fails, reading it will catch the same problem
_ = acl.Chmod(path, 0644) // don't worry if this fails, reading it will catch the same problem
got, err := ioutil.ReadFile(path)
c.DeepEqual(got, f.content, "Cache file '%s', err %v", path, err)
}
@ -269,10 +274,8 @@ func prepSourceTestCache(t *testing.T, d *SourceTestData, e *SourceTestExpect, s
e.Source.in = e.cache[0].content
case TestStatePartial, TestStatePartialSig:
e.err = "signature"
case TestStateMissing, TestStateMissingSig:
case TestStateMissing, TestStateMissingSig, TestStateOpenErr, TestStateOpenSigErr:
e.err = "open"
case TestStateOpenErr, TestStateOpenSigErr:
e.err = os.ErrPermission.Error()
}
writeSourceCache(t, e.cachePath, e.cache)
}

1
go.mod
View file

@ -11,6 +11,7 @@ require (
github.com/facebookgo/pidfile v0.0.0-20150612191647-f242e2999868
github.com/hashicorp/go-immutable-radix v1.1.0
github.com/hashicorp/golang-lru v0.5.3
github.com/hectane/go-acl v0.0.0-20190604041725-da78bae5fc95
github.com/jedisct1/dlog v0.0.0-20190909160351-692385b00b84
github.com/jedisct1/go-clocksmith v0.0.0-20190707124905-73e087c7979c
github.com/jedisct1/go-dnsstamps v0.0.0-20191014084838-3e6e00f2b602

3
go.sum
View file

@ -28,6 +28,8 @@ github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.3 h1:YPkqC67at8FYaadspW/6uE0COsBxS2656RLEr8Bppgk=
github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
github.com/hectane/go-acl v0.0.0-20190604041725-da78bae5fc95 h1:S4qyfL2sEm5Budr4KVMyEniCy+PbS55651I/a+Kn/NQ=
github.com/hectane/go-acl v0.0.0-20190604041725-da78bae5fc95/go.mod h1:QiyDdbZLaJ/mZP4Zwc9g2QsfaEA4o7XvvgZegSci5/E=
github.com/jedisct1/dlog v0.0.0-20190909160351-692385b00b84 h1:7Q8p5MNx7fMvIRFirdWQpqPEtoSMyskdyOjdi6x4pLc=
github.com/jedisct1/dlog v0.0.0-20190909160351-692385b00b84/go.mod h1:YXh1b5j+lwirsCCtTJW19DrbpaL9/5UzwNjI78Cvrg8=
github.com/jedisct1/go-clocksmith v0.0.0-20190707124905-73e087c7979c h1:a/NQUT7AXkEfhaZ+nb7Uzqijo1Qc7C7SZpRrv+6UQDA=
@ -74,6 +76,7 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190529164535-6a60838ec259/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190909082730-f460065e899a h1:mIzbOulag9/gXacgxKlFVwpCOWSfBT3/pDyyCwGA9as=
golang.org/x/sys v0.0.0-20190909082730-f460065e899a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

9
vendor/github.com/hectane/go-acl/LICENSE.txt generated vendored Normal file
View file

@ -0,0 +1,9 @@
The MIT License (MIT)
Copyright (c) 2015 Nathan Osman
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

66
vendor/github.com/hectane/go-acl/README.md generated vendored Normal file
View file

@ -0,0 +1,66 @@
## go-acl
[![Build status](https://ci.appveyor.com/api/projects/status/rbdyu7c39o2j0ru9?svg=true)](https://ci.appveyor.com/project/nathan-osman/go-acl)
[![GoDoc](https://godoc.org/github.com/hectane/go-acl?status.svg)](https://godoc.org/github.com/hectane/go-acl)
[![MIT License](http://img.shields.io/badge/license-MIT-9370d8.svg?style=flat)](http://opensource.org/licenses/MIT)
Manipulating ACLs (Access Control Lists) on Windows is difficult. go-acl wraps the Windows API functions that control access to objects, simplifying the process.
### Using the Package
To use the package add the following imports:
import (
"github.com/hectane/go-acl"
"golang.org/x/sys/windows"
)
### Examples
Probably the most commonly used function in this package is `Chmod`:
if err := acl.Chmod("C:\\path\\to\\file.txt", 0755); err != nil {
panic(err)
}
To grant read access to user "Alice" and deny write access to user "Bob":
if err := acl.Apply(
"C:\\path\\to\\file.txt",
false,
false,
acl.GrantName(windows.GENERIC_READ, "Alice"),
acl.DenyName(windows.GENERIC_WRITE, "Bob"),
); err != nil {
panic(err)
}
### Using the API Directly
go-acl's `api` package exposes the individual Windows API functions that are used to manipulate ACLs. For example, to retrieve the current owner of a file:
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
)
var (
owner *windows.SID
secDesc windows.Handle
)
err := api.GetNamedSecurityInfo(
"C:\\path\\to\\file.txt",
api.SE_FILE_OBJECT,
api.OWNER_SECURITY_INFORMATION,
&owner,
nil,
nil,
nil,
&secDesc,
)
if err != nil {
panic(err)
}
defer windows.LocalFree(secDesc)
`owner` will then point to the SID for the owner of the file.

98
vendor/github.com/hectane/go-acl/api/acl.go generated vendored Normal file
View file

@ -0,0 +1,98 @@
//+build windows
package api
import (
"golang.org/x/sys/windows"
"unsafe"
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379284.aspx
const (
NO_MULTIPLE_TRUSTEE = iota
TRUSTEE_IS_IMPERSONATE
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379638.aspx
const (
TRUSTEE_IS_SID = iota
TRUSTEE_IS_NAME
TRUSTEE_BAD_FORM
TRUSTEE_IS_OBJECTS_AND_SID
TRUSTEE_IS_OBJECTS_AND_NAME
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379639.aspx
const (
TRUSTEE_IS_UNKNOWN = iota
TRUSTEE_IS_USER
TRUSTEE_IS_GROUP
TRUSTEE_IS_DOMAIN
TRUSTEE_IS_ALIAS
TRUSTEE_IS_WELL_KNOWN_GROUP
TRUSTEE_IS_DELETED
TRUSTEE_IS_INVALID
TRUSTEE_IS_COMPUTER
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa374899.aspx
const (
NOT_USED_ACCESS = iota
GRANT_ACCESS
SET_ACCESS
DENY_ACCESS
REVOKE_ACCESS
SET_AUDIT_SUCCESS
SET_AUDIT_FAILURE
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa446627.aspx
const (
NO_INHERITANCE = 0x0
SUB_OBJECTS_ONLY_INHERIT = 0x1
SUB_CONTAINERS_ONLY_INHERIT = 0x2
SUB_CONTAINERS_AND_OBJECTS_INHERIT = 0x3
INHERIT_NO_PROPAGATE = 0x4
INHERIT_ONLY = 0x8
OBJECT_INHERIT_ACE = 0x1
CONTAINER_INHERIT_ACE = 0x2
NO_PROPAGATE_INHERIT_ACE = 0x4
INHERIT_ONLY_ACE = 0x8
)
var (
procSetEntriesInAclW = advapi32.MustFindProc("SetEntriesInAclW")
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379636.aspx
type Trustee struct {
MultipleTrustee *Trustee
MultipleTrusteeOperation int32
TrusteeForm int32
TrusteeType int32
Name *uint16
}
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa446627.aspx
type ExplicitAccess struct {
AccessPermissions uint32
AccessMode int32
Inheritance uint32
Trustee Trustee
}
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379576.aspx
func SetEntriesInAcl(entries []ExplicitAccess, oldAcl windows.Handle, newAcl *windows.Handle) error {
ret, _, err := procSetEntriesInAclW.Call(
uintptr(len(entries)),
uintptr(unsafe.Pointer(&entries[0])),
uintptr(oldAcl),
uintptr(unsafe.Pointer(newAcl)),
)
if ret != 0 {
return err
}
return nil
}

10
vendor/github.com/hectane/go-acl/api/api.go generated vendored Normal file
View file

@ -0,0 +1,10 @@
//+build windows
// Windows API functions for manipulating ACLs.
package api
import (
"golang.org/x/sys/windows"
)
var advapi32 = windows.MustLoadDLL("advapi32.dll")

3
vendor/github.com/hectane/go-acl/api/posix.go generated vendored Normal file
View file

@ -0,0 +1,3 @@
//+build !windows
package api

84
vendor/github.com/hectane/go-acl/api/secinfo.go generated vendored Normal file
View file

@ -0,0 +1,84 @@
//+build windows
package api
import (
"golang.org/x/sys/windows"
"unsafe"
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379593.aspx
const (
SE_UNKNOWN_OBJECT_TYPE = iota
SE_FILE_OBJECT
SE_SERVICE
SE_PRINTER
SE_REGISTRY_KEY
SE_LMSHARE
SE_KERNEL_OBJECT
SE_WINDOW_OBJECT
SE_DS_OBJECT
SE_DS_OBJECT_ALL
SE_PROVIDER_DEFINED_OBJECT
SE_WMIGUID_OBJECT
SE_REGISTRY_WOW64_32KEY
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379573.aspx
const (
OWNER_SECURITY_INFORMATION = 0x00001
GROUP_SECURITY_INFORMATION = 0x00002
DACL_SECURITY_INFORMATION = 0x00004
SACL_SECURITY_INFORMATION = 0x00008
LABEL_SECURITY_INFORMATION = 0x00010
ATTRIBUTE_SECURITY_INFORMATION = 0x00020
SCOPE_SECURITY_INFORMATION = 0x00040
PROCESS_TRUST_LABEL_SECURITY_INFORMATION = 0x00080
BACKUP_SECURITY_INFORMATION = 0x10000
PROTECTED_DACL_SECURITY_INFORMATION = 0x80000000
PROTECTED_SACL_SECURITY_INFORMATION = 0x40000000
UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000
UNPROTECTED_SACL_SECURITY_INFORMATION = 0x10000000
)
var (
procGetNamedSecurityInfoW = advapi32.MustFindProc("GetNamedSecurityInfoW")
procSetNamedSecurityInfoW = advapi32.MustFindProc("SetNamedSecurityInfoW")
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa446645.aspx
func GetNamedSecurityInfo(objectName string, objectType int32, secInfo uint32, owner, group **windows.SID, dacl, sacl, secDesc *windows.Handle) error {
ret, _, err := procGetNamedSecurityInfoW.Call(
uintptr(unsafe.Pointer(windows.StringToUTF16Ptr(objectName))),
uintptr(objectType),
uintptr(secInfo),
uintptr(unsafe.Pointer(owner)),
uintptr(unsafe.Pointer(group)),
uintptr(unsafe.Pointer(dacl)),
uintptr(unsafe.Pointer(sacl)),
uintptr(unsafe.Pointer(secDesc)),
)
if ret != 0 {
return err
}
return nil
}
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379579.aspx
func SetNamedSecurityInfo(objectName string, objectType int32, secInfo uint32, owner, group *windows.SID, dacl, sacl windows.Handle) error {
ret, _, err := procSetNamedSecurityInfoW.Call(
uintptr(unsafe.Pointer(windows.StringToUTF16Ptr(objectName))),
uintptr(objectType),
uintptr(secInfo),
uintptr(unsafe.Pointer(owner)),
uintptr(unsafe.Pointer(group)),
uintptr(dacl),
uintptr(sacl),
)
if ret != 0 {
return err
}
return nil
}

131
vendor/github.com/hectane/go-acl/api/sid.go generated vendored Normal file
View file

@ -0,0 +1,131 @@
//+build windows
package api
import (
"golang.org/x/sys/windows"
"unsafe"
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/ee207397.aspx
const (
SECURITY_MAX_SID_SIZE = 68
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa379650.aspx
const (
WinNullSid = 0
WinWorldSid = 1
WinLocalSid = 2
WinCreatorOwnerSid = 3
WinCreatorGroupSid = 4
WinCreatorOwnerServerSid = 5
WinCreatorGroupServerSid = 6
WinNtAuthoritySid = 7
WinDialupSid = 8
WinNetworkSid = 9
WinBatchSid = 10
WinInteractiveSid = 11
WinServiceSid = 12
WinAnonymousSid = 13
WinProxySid = 14
WinEnterpriseControllersSid = 15
WinSelfSid = 16
WinAuthenticatedUserSid = 17
WinRestrictedCodeSid = 18
WinTerminalServerSid = 19
WinRemoteLogonIdSid = 20
WinLogonIdsSid = 21
WinLocalSystemSid = 22
WinLocalServiceSid = 23
WinNetworkServiceSid = 24
WinBuiltinDomainSid = 25
WinBuiltinAdministratorsSid = 26
WinBuiltinUsersSid = 27
WinBuiltinGuestsSid = 28
WinBuiltinPowerUsersSid = 29
WinBuiltinAccountOperatorsSid = 30
WinBuiltinSystemOperatorsSid = 31
WinBuiltinPrintOperatorsSid = 32
WinBuiltinBackupOperatorsSid = 33
WinBuiltinReplicatorSid = 34
WinBuiltinPreWindows2000CompatibleAccessSid = 35
WinBuiltinRemoteDesktopUsersSid = 36
WinBuiltinNetworkConfigurationOperatorsSid = 37
WinAccountAdministratorSid = 38
WinAccountGuestSid = 39
WinAccountKrbtgtSid = 40
WinAccountDomainAdminsSid = 41
WinAccountDomainUsersSid = 42
WinAccountDomainGuestsSid = 43
WinAccountComputersSid = 44
WinAccountControllersSid = 45
WinAccountCertAdminsSid = 46
WinAccountSchemaAdminsSid = 47
WinAccountEnterpriseAdminsSid = 48
WinAccountPolicyAdminsSid = 49
WinAccountRasAndIasServersSid = 50
WinNTLMAuthenticationSid = 51
WinDigestAuthenticationSid = 52
WinSChannelAuthenticationSid = 53
WinThisOrganizationSid = 54
WinOtherOrganizationSid = 55
WinBuiltinIncomingForestTrustBuildersSid = 56
WinBuiltinPerfMonitoringUsersSid = 57
WinBuiltinPerfLoggingUsersSid = 58
WinBuiltinAuthorizationAccessSid = 59
WinBuiltinTerminalServerLicenseServersSid = 60
WinBuiltinDCOMUsersSid = 61
WinBuiltinIUsersSid = 62
WinIUserSid = 63
WinBuiltinCryptoOperatorsSid = 64
WinUntrustedLabelSid = 65
WinLowLabelSid = 66
WinMediumLabelSid = 67
WinHighLabelSid = 68
WinSystemLabelSid = 69
WinWriteRestrictedCodeSid = 70
WinCreatorOwnerRightsSid = 71
WinCacheablePrincipalsGroupSid = 72
WinNonCacheablePrincipalsGroupSid = 73
WinEnterpriseReadonlyControllersSid = 74
WinAccountReadonlyControllersSid = 75
WinBuiltinEventLogReadersGroup = 76
WinNewEnterpriseReadonlyControllersSid = 77
WinBuiltinCertSvcDComAccessGroup = 78
WinMediumPlusLabelSid = 79
WinLocalLogonSid = 80
WinConsoleLogonSid = 81
WinThisOrganizationCertificateSid = 82
WinApplicationPackageAuthoritySid = 83
WinBuiltinAnyPackageSid = 84
WinCapabilityInternetClientSid = 85
WinCapabilityInternetClientServerSid = 86
WinCapabilityPrivateNetworkClientServerSid = 87
WinCapabilityPicturesLibrarySid = 88
WinCapabilityVideosLibrarySid = 89
WinCapabilityMusicLibrarySid = 90
WinCapabilityDocumentsLibrarySid = 91
WinCapabilitySharedUserCertificatesSid = 92
WinCapabilityEnterpriseAuthenticationSid = 93
WinCapabilityRemovableStorageSid = 94
)
var (
procCreateWellKnownSid = advapi32.MustFindProc("CreateWellKnownSid")
)
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa446585.aspx
func CreateWellKnownSid(sidType int32, sidDomain, sid *windows.SID, sidLen *uint32) error {
ret, _, err := procCreateWellKnownSid.Call(
uintptr(sidType),
uintptr(unsafe.Pointer(sidDomain)),
uintptr(unsafe.Pointer(sid)),
uintptr(unsafe.Pointer(sidLen)),
)
if ret == 0 {
return err
}
return nil
}

55
vendor/github.com/hectane/go-acl/apply.go generated vendored Normal file
View file

@ -0,0 +1,55 @@
//+build windows
package acl
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
"unsafe"
)
// Apply the provided access control entries to a file. If the replace
// parameter is true, existing entries will be overwritten. If the inherit
// parameter is true, the file will inherit ACEs from its parent.
func Apply(name string, replace, inherit bool, entries ...api.ExplicitAccess) error {
var oldAcl windows.Handle
if !replace {
var secDesc windows.Handle
api.GetNamedSecurityInfo(
name,
api.SE_FILE_OBJECT,
api.DACL_SECURITY_INFORMATION,
nil,
nil,
&oldAcl,
nil,
&secDesc,
)
defer windows.LocalFree(secDesc)
}
var acl windows.Handle
if err := api.SetEntriesInAcl(
entries,
oldAcl,
&acl,
); err != nil {
return err
}
defer windows.LocalFree((windows.Handle)(unsafe.Pointer(acl)))
var secInfo uint32
if !inherit {
secInfo = api.PROTECTED_DACL_SECURITY_INFORMATION
} else {
secInfo = api.UNPROTECTED_DACL_SECURITY_INFORMATION
}
return api.SetNamedSecurityInfo(
name,
api.SE_FILE_OBJECT,
api.DACL_SECURITY_INFORMATION|secInfo,
nil,
nil,
acl,
0,
)
}

16
vendor/github.com/hectane/go-acl/appveyor.yml generated vendored Normal file
View file

@ -0,0 +1,16 @@
version: '{build}'
clone_folder: C:\gopath\src\github.com\hectane\go-acl
environment:
GOPATH: C:\gopath
install:
- go version
- go env
- go get -t -v ./...
build: off
test_script:
- go test -v ./...

38
vendor/github.com/hectane/go-acl/chmod.go generated vendored Normal file
View file

@ -0,0 +1,38 @@
//+build windows
package acl
import (
"os"
"golang.org/x/sys/windows"
)
// Change the permissions of the specified file. Only the nine
// least-significant bytes are used, allowing access by the file's owner, the
// file's group, and everyone else to be explicitly controlled.
func Chmod(name string, fileMode os.FileMode) error {
// https://support.microsoft.com/en-us/help/243330/well-known-security-identifiers-in-windows-operating-systems
creatorOwnerSID, err := windows.StringToSid("S-1-3-0")
if err != nil {
return err
}
creatorGroupSID, err := windows.StringToSid("S-1-3-1")
if err != nil {
return err
}
everyoneSID, err := windows.StringToSid("S-1-1-0")
if err != nil {
return err
}
mode := uint32(fileMode)
return Apply(
name,
true,
false,
GrantSid(((mode&0700)<<23)|((mode&0200)<<9), creatorOwnerSID),
GrantSid(((mode&0070)<<26)|((mode&0020)<<12), creatorGroupSID),
GrantSid(((mode&0007)<<29)|((mode&0002)<<15), everyoneSID),
)
}

5
vendor/github.com/hectane/go-acl/go.mod generated vendored Normal file
View file

@ -0,0 +1,5 @@
module github.com/hectane/go-acl
go 1.12
require golang.org/x/sys v0.0.0-20190529164535-6a60838ec259

2
vendor/github.com/hectane/go-acl/go.sum generated vendored Normal file
View file

@ -0,0 +1,2 @@
golang.org/x/sys v0.0.0-20190529164535-6a60838ec259 h1:so6Hr/LodwSZ5UQDu/7PmQiDeS112WwtLvU3lpSPZTU=
golang.org/x/sys v0.0.0-20190529164535-6a60838ec259/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

8
vendor/github.com/hectane/go-acl/posix.go generated vendored Normal file
View file

@ -0,0 +1,8 @@
//+build !windows
package acl
import "os"
// Chmod is os.Chmod.
var Chmod = os.Chmod

62
vendor/github.com/hectane/go-acl/util.go generated vendored Normal file
View file

@ -0,0 +1,62 @@
//+build windows
package acl
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
"unsafe"
)
// Create an ExplicitAccess instance granting permissions to the provided SID.
func GrantSid(accessPermissions uint32, sid *windows.SID) api.ExplicitAccess {
return api.ExplicitAccess{
AccessPermissions: accessPermissions,
AccessMode: api.GRANT_ACCESS,
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
Trustee: api.Trustee{
TrusteeForm: api.TRUSTEE_IS_SID,
Name: (*uint16)(unsafe.Pointer(sid)),
},
}
}
// Create an ExplicitAccess instance granting permissions to the provided name.
func GrantName(accessPermissions uint32, name string) api.ExplicitAccess {
return api.ExplicitAccess{
AccessPermissions: accessPermissions,
AccessMode: api.GRANT_ACCESS,
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
Trustee: api.Trustee{
TrusteeForm: api.TRUSTEE_IS_NAME,
Name: windows.StringToUTF16Ptr(name),
},
}
}
// Create an ExplicitAccess instance denying permissions to the provided SID.
func DenySid(accessPermissions uint32, sid *windows.SID) api.ExplicitAccess {
return api.ExplicitAccess{
AccessPermissions: accessPermissions,
AccessMode: api.DENY_ACCESS,
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
Trustee: api.Trustee{
TrusteeForm: api.TRUSTEE_IS_SID,
Name: (*uint16)(unsafe.Pointer(sid)),
},
}
}
// Create an ExplicitAccess instance denying permissions to the provided name.
func DenyName(accessPermissions uint32, name string) api.ExplicitAccess {
return api.ExplicitAccess{
AccessPermissions: accessPermissions,
AccessMode: api.DENY_ACCESS,
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
Trustee: api.Trustee{
TrusteeForm: api.TRUSTEE_IS_NAME,
Name: windows.StringToUTF16Ptr(name),
},
}
}

3
vendor/modules.txt vendored
View file

@ -24,6 +24,9 @@ github.com/hashicorp/go-syslog
# github.com/hashicorp/golang-lru v0.5.3
github.com/hashicorp/golang-lru
github.com/hashicorp/golang-lru/simplelru
# github.com/hectane/go-acl v0.0.0-20190604041725-da78bae5fc95
github.com/hectane/go-acl
github.com/hectane/go-acl/api
# github.com/jedisct1/dlog v0.0.0-20190909160351-692385b00b84
github.com/jedisct1/dlog
# github.com/jedisct1/go-clocksmith v0.0.0-20190707124905-73e087c7979c