Skip to content
Snippets Groups Projects
security_windows.go 1.71 KiB
Newer Older
  • Learn to ignore specific revisions
  • // Copyright 2016 The Go Authors. All rights reserved.
    // Use of this source code is governed by a BSD-style
    // license that can be found in the LICENSE file.
    
    package windows
    
    import (
    	"syscall"
    )
    
    const (
    	SecurityAnonymous      = 0
    	SecurityIdentification = 1
    	SecurityImpersonation  = 2
    	SecurityDelegation     = 3
    )
    
    //sys	ImpersonateSelf(impersonationlevel uint32) (err error) = advapi32.ImpersonateSelf
    //sys	RevertToSelf() (err error) = advapi32.RevertToSelf
    
    const (
    	TOKEN_ADJUST_PRIVILEGES = 0x0020
    	SE_PRIVILEGE_ENABLED    = 0x00000002
    )
    
    type LUID struct {
    	LowPart  uint32
    	HighPart int32
    }
    
    type LUID_AND_ATTRIBUTES struct {
    	Luid       LUID
    	Attributes uint32
    }
    
    type TOKEN_PRIVILEGES struct {
    	PrivilegeCount uint32
    	Privileges     [1]LUID_AND_ATTRIBUTES
    }
    
    //sys	OpenThreadToken(h syscall.Handle, access uint32, openasself bool, token *syscall.Token) (err error) = advapi32.OpenThreadToken
    //sys	LookupPrivilegeValue(systemname *uint16, name *uint16, luid *LUID) (err error) = advapi32.LookupPrivilegeValueW
    //sys	adjustTokenPrivileges(token syscall.Token, disableAllPrivileges bool, newstate *TOKEN_PRIVILEGES, buflen uint32, prevstate *TOKEN_PRIVILEGES, returnlen *uint32) (ret uint32, err error) [true] = advapi32.AdjustTokenPrivileges
    
    func AdjustTokenPrivileges(token syscall.Token, disableAllPrivileges bool, newstate *TOKEN_PRIVILEGES, buflen uint32, prevstate *TOKEN_PRIVILEGES, returnlen *uint32) error {
    	ret, err := adjustTokenPrivileges(token, disableAllPrivileges, newstate, buflen, prevstate, returnlen)
    	if ret == 0 {
    		// AdjustTokenPrivileges call failed
    		return err
    	}
    	// AdjustTokenPrivileges call succeeded
    	if err == syscall.EINVAL {
    		// GetLastError returned ERROR_SUCCESS
    		return nil
    	}
    	return err
    }