Merge pull request #1 from kgoins/crossplatform

crossplatform

.gitignore

@@ -0,0 +1 @@
+testdata/

go.mod

@@ -2,4 +2,7 @@ module github.com/kgoins/go-winacl
 
 go 1.16
 
-require golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750
+require (
+	github.com/stretchr/testify v1.7.0
+	golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750
+)

go.sum

@@ -1,2 +1,13 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750 h1:ZBu6861dZq7xBnG1bn5SRU0vA8nx42at4+kP07FMTog=
 golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

models/ace.go → pkg/ace.go

@@ -1,8 +1,7 @@
-package models
+package winacl
 
 import (
 	"fmt"
-	"golang.org/x/sys/windows"
 	"strings"
 )
 
@@ -47,10 +46,12 @@ const (
 	ACEInheritanceFlagsInheritedObjectTypePresent                     = 0x02
 )
 
+type ACEAccessMask uint32
+
 //Header + AccessMask is 16 bytes
 type ACE struct {
 	Header     ACEHeader
-	AccessMask windows.ACCESS_MASK
+	AccessMask ACEAccessMask
 	ObjectAce  ObjectAce
 }
 
@@ -95,9 +96,9 @@ func (s BasicAce) GetPrincipal() SID {
 }
 
 type AdvancedAce struct {
-	Flags               uint32       //4 bytes
-	ObjectType          windows.GUID //16 bytes
-	InheritedObjectType windows.GUID
+	Flags               uint32 //4 bytes
+	ObjectType          GUID   //16 bytes
+	InheritedObjectType GUID
 	SecurityIdentifier  SID
 }
 
@@ -115,8 +116,7 @@ type SystemAuditAce BasicAce
 type SystemAlarmAce BasicAce
 
 // No idea what this actually is and it doesn't appear to be documented anywhere
-type AccessAllowedCompoundAce struct {
-}
+type AccessAllowedCompoundAce struct{}
 
 type AccessAllowedObjectAce AdvancedAce
 type AccessDeniedObjectAce AdvancedAce

pkg/acebuilder.go

@@ -0,0 +1,64 @@
+package winacl
+
+import (
+	"bytes"
+	"encoding/binary"
+	"fmt"
+)
+
+func NewAce(buf *bytes.Buffer) ACE {
+	ace := ACE{}
+
+	ace.Header = NewACEHeader(buf)
+	binary.Read(buf, binary.LittleEndian, &ace.AccessMask)
+	switch ace.Header.Type {
+	case AceTypeAccessAllowed, AceTypeAccessDenied, AceTypeSystemAudit, AceTypeSystemAlarm, AceTypeAccessAllowedCallback, AceTypeAccessDeniedCallback, AceTypeSystemAuditCallback, AceTypeSystemAlarmCallback:
+		ace.ObjectAce = NewBasicAce(buf, ace.Header.Size)
+	case AceTypeAccessAllowedObject, AceTypeAccessDeniedObject, AceTypeSystemAuditObject, AceTypeSystemAlarmObject, AceTypeAccessAllowedCallbackObject, AceTypeAccessDeniedCallbackObject, AceTypeSystemAuditCallbackObject, AceTypeSystemAlarmCallbackObject:
+		ace.ObjectAce = NewAdvancedAce(buf, ace.Header.Size)
+	}
+
+	return ace
+}
+
+func NewACEHeader(buf *bytes.Buffer) ACEHeader {
+	header := ACEHeader{}
+	binary.Read(buf, binary.LittleEndian, &header.Type)
+	binary.Read(buf, binary.LittleEndian, &header.Flags)
+	binary.Read(buf, binary.LittleEndian, &header.Size)
+	return header
+}
+
+func NewBasicAce(buf *bytes.Buffer, totalSize uint16) BasicAce {
+	oa := BasicAce{}
+
+	if sid, err := NewSID(buf, int(totalSize-8)); err != nil {
+		fmt.Printf("Error reading sid: %v\n", err)
+	} else {
+		oa.SecurityIdentifier = sid
+	}
+	return oa
+}
+
+func NewAdvancedAce(buf *bytes.Buffer, totalSize uint16) AdvancedAce {
+	oa := AdvancedAce{}
+	binary.Read(buf, binary.LittleEndian, &oa.Flags)
+	offset := 12
+	if (oa.Flags & uint32(ACEInheritanceFlagsObjectTypePresent)) != 0 {
+		oa.ObjectType = NewGUID(buf)
+		offset += 16
+	}
+
+	if (oa.Flags & uint32(ACEInheritanceFlagsInheritedObjectTypePresent)) != 0 {
+		oa.InheritedObjectType = NewGUID(buf)
+		offset += 16
+	}
+
+	// Header+AccessMask is 16 bytes, other members are 36 bytes.
+	if sid, err := NewSID(buf, int(totalSize)-offset); err != nil {
+		fmt.Printf("Error reading sid: %v\n", err)
+	} else {
+		oa.SecurityIdentifier = sid
+	}
+	return oa
+}

pkg/acl.go

@@ -0,0 +1,43 @@
+package winacl
+
+import (
+	"bytes"
+	"encoding/binary"
+)
+
+type ACL struct {
+	Header ACLHeader
+	Aces   []ACE
+}
+
+type ACLHeader struct {
+	Revision byte
+	Sbz1     byte
+	Size     uint16
+	AceCount uint16
+	Sbz2     uint16
+}
+
+func NewACLHeader(buf *bytes.Buffer) ACLHeader {
+	var header = ACLHeader{}
+	binary.Read(buf, binary.LittleEndian, &header.Revision)
+	binary.Read(buf, binary.LittleEndian, &header.Sbz1)
+	binary.Read(buf, binary.LittleEndian, &header.Size)
+	binary.Read(buf, binary.LittleEndian, &header.AceCount)
+	binary.Read(buf, binary.LittleEndian, &header.Sbz2)
+
+	return header
+}
+
+func NewACL(buf *bytes.Buffer) ACL {
+	acl := ACL{}
+	acl.Header = NewACLHeader(buf)
+	acl.Aces = make([]ACE, 0, acl.Header.AceCount)
+
+	for i := 0; i < int(acl.Header.AceCount); i++ {
+		ace := NewAce(buf)
+		acl.Aces = append(acl.Aces, ace)
+	}
+
+	return acl
+}