Commit a575b134 authored by ale's avatar ale

Merge branch 'use-aux-db' into 'master'

Use aux-db to retrieve cms_info data

See merge request !20
parents 56ea15af 5c5c4b98
......@@ -3,44 +3,46 @@ package webappdbbackend
import (
"context"
"log"
"sync"
"time"
as "git.autistici.org/ai3/accountserver"
"git.autistici.org/ai3/go-common/clientutil"
"git.autistici.org/ai3/tools/webappdb/proto"
auxpb "git.autistici.org/ai3/tools/aux-db/proto"
)
// WebappDBBackend looks up website information in the webappdb
// (FreeWVS) service.
type WebappDBBackend struct {
// AuxWebappBackend looks up website information (cms_info data type) in
// the aux-db service.
type AuxWebappBackend struct {
as.Backend
dbbe clientutil.Backend
auxdbbe clientutil.Backend
}
type wdbTX struct {
as.TX
dbbe clientutil.Backend
auxdbbe clientutil.Backend
}
func Wrap(b as.Backend, config *clientutil.BackendConfig) (*WebappDBBackend, error) {
func Wrap(b as.Backend, config *clientutil.BackendConfig) (*AuxWebappBackend, error) {
be, err := clientutil.NewBackend(config)
if err != nil {
return nil, err
}
return &WebappDBBackend{
return &AuxWebappBackend{
Backend: b,
dbbe: be,
auxdbbe: be,
}, nil
}
func (b *WebappDBBackend) NewTransaction() (as.TX, error) {
func (b *AuxWebappBackend) NewTransaction() (as.TX, error) {
tx, err := b.Backend.NewTransaction()
if err != nil {
return nil, err
}
return &wdbTX{
TX: tx,
dbbe: b.dbbe,
TX: tx,
auxdbbe: b.auxdbbe,
}, nil
}
......@@ -59,11 +61,7 @@ func (tx *wdbTX) GetUser(ctx context.Context, name string) (*as.RawUser, error)
}
if len(sites) > 0 {
if err = tx.lookup(ctx, sites); err != nil {
// This error is non-fatal, we just do not
// augment the resources with web app info.
log.Printf("error looking up webappdb: %v", err)
}
tx.lookup(ctx, sites)
}
return user, nil
......@@ -76,42 +74,78 @@ func (tx *wdbTX) GetResource(ctx context.Context, id as.ResourceID) (*as.RawReso
}
if rsrc.Type == as.ResourceTypeWebsite || rsrc.Type == as.ResourceTypeDomain {
if err := tx.lookup(ctx, []*as.Resource{&rsrc.Resource}); err != nil {
// This error is non-fatal, we just do not
// augment the resources with web app info.
log.Printf("error looking up webappdb: %v", err)
}
tx.lookup(ctx, []*as.Resource{&rsrc.Resource})
}
return rsrc, nil
}
// Specialization of auxpb.Entry that we can use to deserialize the
// value_json attribute right away into the type we are expecting to
// see. We just need a tiny amount of further processing to wrap back
// some fields into the result.
type webappsGetResponseEntry struct {
Key auxpb.Key `json:"key"`
Timestamp time.Time `json:"timestamp"`
ValueJSON *as.App `json:"value_json"`
}
func (w *webappsGetResponseEntry) App() *as.App {
app := w.ValueJSON
app.Timestamp = w.Timestamp
app.Path = w.Key.AppKey
app.Site = w.Key.ResourceID
return app
}
type webappsGetResponse struct {
Results []*webappsGetResponseEntry `json:"results"`
}
// Lookup resources in the webapp DB, modifying them in-place with any
// eventual CMSInfo data returned.
func (tx *wdbTX) lookup(ctx context.Context, resources []*as.Resource) error {
func (tx *wdbTX) lookup(ctx context.Context, resources []*as.Resource) {
// Build a list of site names, and a site name -> resource map
// so we can modify the original objects with our results.
sites := make([]string, 0, len(resources))
rsrcMap := make(map[string]*as.Resource)
byShard := make(map[string][]auxpb.Key)
byKey := make(map[string]*as.Resource)
for _, r := range resources {
rsrcMap[r.Name] = r
sites = append(sites, r.Name)
}
// Create the lookup key for aux-db.
auxKey := auxpb.Key{
Type: "webapp",
Shard: r.Shard,
ResourceID: r.ID.String(),
}
byKey[r.ID.String()] = r
var resp webappdb.FindAppsBySiteResponse
if err := tx.dbbe.Call(ctx, "", "/api/search/by_site", &webappdb.FindAppsBySiteRequest{
Sites: sites,
}, &resp); err != nil {
return err
// Group resource keys by shard.
byShard[r.Shard] = append(byShard[r.Shard], auxKey)
}
for key, values := range resp.Apps {
r, ok := rsrcMap[key]
if !ok || r.Website == nil {
continue
}
r.Website.CMSInfo = values
// Query each shard in parallel, modify the resulting
// Resources in-place, ignoring errors.
var wg sync.WaitGroup
for shardID, keys := range byShard {
wg.Add(1)
go func(shardID string, keys []auxpb.Key) {
defer wg.Done()
var resp webappsGetResponse
if err := tx.auxdbbe.Call(ctx, shardID, "/api/get", &auxpb.GetRequest{Keys: keys}, &resp); err != nil {
// Errors are non-fatal, just log them.
log.Printf("aux-db lookup error (shard %s): %v", shardID, err)
return
}
// Now append the cms_info data to the associated Resource object.
for _, entry := range resp.Results {
r, ok := byKey[entry.Key.ResourceID]
if !ok || r.Website == nil {
continue
}
r.Website.CMSInfo = append(r.Website.CMSInfo, entry.App())
}
}(shardID, keys)
}
return nil
wg.Wait()
}
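Review bot: `webappsGetResponseEntry.App()` dereferences `w.ValueJSON` without a nil check, and `lookup` calls it from a per-shard goroutine, so a `results` element that is `null` or carries a missing or `null` `value_json` would panic there and terminate the whole process instead of being logged as a non-fatal error. Guard the loop body with `if entry == nil || entry.ValueJSON == nil { continue }` before the `byKey` lookup. The loop also indexes `byKey` with the `entry.Key.ResourceID` returned by the server without comparing the entry's shard to `shardID`. As far as this hunk shows, an entry naming a resource that belongs to another shard would let two goroutines append to the same `CMSInfo` slice unsynchronized, so either reject entries whose key was not requested from that shard or protect the append with a `sync.Mutex`.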
......@@ -4,12 +4,13 @@ go 1.14
require (
git.autistici.org/ai3/go-common v0.0.0-20210118064555-73f00db54723
git.autistici.org/ai3/tools/webappdb v0.0.0-20210117172932-02a098c04745
git.autistici.org/ai3/tools/aux-db v0.0.0-20210127161623-c7f0177bcc33
git.autistici.org/id/auth v0.0.0-20210117173158-5b5aa9684fa2
git.autistici.org/id/go-sso v0.0.0-20210117165919-e56e6579953d
git.autistici.org/id/usermetadb v0.0.0-20210117202739-301b3d00f818
github.com/go-ldap/ldap/v3 v3.2.4
github.com/go-test/deep v1.0.7
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627
github.com/pquerna/otp v1.3.0
github.com/prometheus/client_golang v1.9.0
......
......@@ -40,8 +40,8 @@ git.autistici.org/ai3/go-common v0.0.0-20210110180225-a05c683cfe23 h1:YHSG7Vr8nP
git.autistici.org/ai3/go-common v0.0.0-20210110180225-a05c683cfe23/go.mod h1:Iik+i0XmqNPTBjWl3vicFz0kjfFK5HBvyFsfIC4S1Ik=
git.autistici.org/ai3/go-common v0.0.0-20210118064555-73f00db54723 h1:ylA6azCumIJnT7xb5hHrz0At6r1u3zqnugl1gB92KO0=
git.autistici.org/ai3/go-common v0.0.0-20210118064555-73f00db54723/go.mod h1:T8BS+630KLzy30X2lshL98H0NW3Xuyzs8NI9D6C3New=
git.autistici.org/ai3/tools/webappdb v0.0.0-20210117172932-02a098c04745 h1:JsOtwQw4LiTbflSkbCaPEOkg992lVJz7jALN/jtWITk=
git.autistici.org/ai3/tools/webappdb v0.0.0-20210117172932-02a098c04745/go.mod h1:vQDkLXjvjxDXG2nUcdQWOYUqGPjMCwlNVfBP+Cvg0e0=
git.autistici.org/ai3/tools/aux-db v0.0.0-20210127161623-c7f0177bcc33 h1:r8/Z/jrey5pK6GiPR6i9vTEx8yR3xcspDC7LLWp4mrc=
git.autistici.org/ai3/tools/aux-db v0.0.0-20210127161623-c7f0177bcc33/go.mod h1:SI8ChSMUpEgxWFvzc/FGFtcrOuYTVu6Ai5cTOjMP3+U=
git.autistici.org/id/auth v0.0.0-20210110171913-dd493db32815/go.mod h1:Hq4zcqE2hbrXsC9j79kzfnBf2BqlGmuVCRIz+AwX/FY=
git.autistici.org/id/auth v0.0.0-20210117173158-5b5aa9684fa2 h1:MWQyGLMcEvpqACBA5lBKncID3vESuLBKX+DOp1dX0II=
git.autistici.org/id/auth v0.0.0-20210117173158-5b5aa9684fa2/go.mod h1:uKWHbnpNKPgytrr799WCOAsiOfLsXL3G1VOrjyRYAhA=
......@@ -204,6 +204,7 @@ github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a
github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
github.com/golang-migrate/migrate/v4 v4.14.1 h1:qmRd/rNGjM1r3Ve5gHd5ZplytrD02UcItYNxJ3iUHHE=
github.com/golang-migrate/migrate/v4 v4.14.1/go.mod h1:l7Ks0Au6fYHuUIxUhQ0rcVX1uLlJg54C/VvW7tvxSz0=
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
......@@ -289,11 +290,13 @@ github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMW
github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM=
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI=
github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA=
github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
......@@ -389,8 +392,6 @@ github.com/markbates/pkger v0.15.1/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQ
github.com/mattermost/xml-roundtrip-validator v0.0.0-20201213122252-bcd7e1b9601e/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
github.com/mattermost/xml-roundtrip-validator v0.0.0-20201219040909-8fd2afad43d1/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
github.com/mattes/migrate v0.0.0-20180508041624-4768a648fbd9/go.mod h1:LJcqgpj1jQoxv3m2VXd3drv0suK5CbN/RCX7MXwgnVI=
github.com/mattes/migrate v3.0.2-0.20180508041624-4768a648fbd9+incompatible h1:FAIQGZlq18kmVrnwmje0nAOsHtZaIJjJNliv4yk38rk=
github.com/mattes/migrate v3.0.2-0.20180508041624-4768a648fbd9+incompatible/go.mod h1:LJcqgpj1jQoxv3m2VXd3drv0suK5CbN/RCX7MXwgnVI=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
......@@ -769,8 +770,8 @@ golang.org/x/sys v0.0.0-20201029080932-201ba4db2418/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201214210602-f9fddec55a1e h1:AyodaIpKjppX+cBfTASF2E1US3H2JFBj920Ot3rtDjs=
golang.org/x/sys v0.0.0-20201214210602-f9fddec55a1e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210113181707-4bcb84eeeb78 h1:nVuTkr9L6Bq62qpUqKo/RnZCFfzDBL0bYo6w9OJUqZY=
golang.org/x/sys v0.0.0-20210113181707-4bcb84eeeb78/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c h1:VwygUrnw9jn88c4u8GD3rZQbqrP/tgas88tPUbBxQrk=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
......@@ -967,6 +968,8 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
......
......@@ -8,7 +8,6 @@ import (
"time"
"git.autistici.org/ai3/go-common/pwhash"
"git.autistici.org/ai3/tools/webappdb/proto"
)
// Possible values for user status.
......@@ -560,6 +559,20 @@ type WebDAV struct {
Homedir string `json:"homedir"`
}
// App stores information about an application instance. The JSON
// fields should match the XML fields as used by 'freewvs --xml'.
type App struct {
//Shard string `json:"shard"`
Path string `json:"directory"`
Site string `json:"site"`
Name string `json:"appname"`
Version string `json:"version"`
SafeVersion string `json:"safeversion"`
State string `json:"state"`
VulnInfo string `json:"vulninfo"`
Timestamp time.Time `json:"timestamp"`
}
// Website resource attributes. Used for both normal websites
// (a.k.a. "subsites" of some parent domain) and domains.
type Website struct {
......@@ -574,7 +587,7 @@ type Website struct {
DocumentRoot string `json:"document_root"`
StatsID int `json:"stats_id"`
CMSInfo []*webappdb.App `json:"cms_info,omitempty"`
CMSInfo []*App `json:"cms_info,omitempty"`
}
// Database resource attributes.
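Review bot: The doc comment on the new `App` struct says its JSON fields match `freewvs --xml`, but `webappsGetResponseEntry.App()` in this same commit overwrites `Path`, `Site` and `Timestamp` from the aux-db entry key and timestamp, so those three fields no longer come from the decoded value. A line such as `// Path, Site and Timestamp are set from the aux-db entry, not from value_json.` would record that for the next reader. The commented-out `//Shard string` field should either be deleted or get a short comment saying why it is kept.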
......
package auxpb
import (
"errors"
"fmt"
"net/url"
"strings"
"time"
)
type Key struct {
Shard string
Type string
ResourceID string
AppKey string
}
func ParseKey(s string) (k Key, err error) {
parts := strings.SplitN(s, "/", 4)
if len(parts) < 3 {
err = errors.New("invalid key format")
return
}
k.Shard, err = url.PathUnescape(parts[0])
if err != nil {
return
}
k.Type, err = url.PathUnescape(parts[1])
if err != nil {
return
}
k.ResourceID, err = url.PathUnescape(parts[2])
if err != nil {
return
}
if len(parts) == 4 {
k.AppKey, err = url.PathUnescape(parts[3])
}
return
}
func (k Key) String() string {
s := fmt.Sprintf(
"%s/%s/%s",
url.PathEscape(k.Shard),
url.PathEscape(k.Type),
url.PathEscape(k.ResourceID),
)
if k.AppKey != "" {
s += "/"
s += url.PathEscape(k.AppKey)
}
return s
}
// RPC request/response types.
// Entry uses 'raw' JSON for its ValueJSON field: you can replace the
// GetResponse with your own result type matching this JSON data
// fingerprint to have automated decoding via clientutil.Call().
type Entry struct {
Key Key `json:"key"`
ValueJSON EncodedJSON `json:"value_json"`
Timestamp time.Time `json:"timestamp"`
}
type SetRequest struct {
Type string `json:"type"`
ResourceID string `json:"resource_id"`
AppKey string `json:"app_key"`
ValueJSON string `json:"value_json"`
Timestamp time.Time `json:"timestamp"`
TTL int `json:"ttl"`
}
type LoadEntry struct {
ResourceID string `json:"resource_id"`
AppKey string `json:"app_key"`
ValueJSON string `json:"value_json"`
}
type LoadRequest struct {
Type string `json:"type"`
Timestamp time.Time `json:"timestamp"`
TTL int `json:"ttl"`
Entries []LoadEntry `json:"entries"`
}
type GetRequest struct {
Keys []Key `json:"keys"`
}
type GetResponse struct {
Results []*Entry `json:"results"`
}
type QueryParam struct {
Name string `json:"name"`
Value interface{} `json:"value"`
}
type QueryRequest struct {
QueryName string `json:"query_name"`
Params []QueryParam `json:"params"`
Shards []string `json:"shards"`
}
func (r *QueryRequest) ParamsMap() map[string]interface{} {
m := make(map[string]interface{})
for _, p := range r.Params {
m[p.Name] = p.Value
}
return m
}
type QueryResponse struct {
Results [][]interface{} `json:"results"`
Partial bool `json:"partial"`
}
// An 'encoded JSON' type that encodes to native JSON.
type EncodedJSON string
func (s EncodedJSON) MarshalJSON() ([]byte, error) {
return []byte(s), nil
}
func (s *EncodedJSON) UnmarshalJSON(data []byte) error {
*s = EncodedJSON(string(data))
return nil
}
package webappdb
import "time"
// App stores information about an application instance. The JSON
// fields should match the XML fields as used by 'freewvs --xml'.
type App struct {
Shard string `json:"shard"`
Path string `json:"directory"`
Site string `json:"site"`
Name string `json:"appname"`
Version string `json:"version"`
SafeVersion string `json:"safeversion"`
State string `json:"state"`
VulnInfo string `json:"vulninfo"`
Timestamp time.Time `json:"timestamp"`
}
// SubmissionRequest RPC.
type SubmissionRequest struct {
Shard string `json:"shard"`
Entries []*App `json:"entries"`
}
// FindAppsBySiteRequest RPC, handles multiple sites in a single
// request to minimize RPC latency.
type FindAppsBySiteRequest struct {
Sites []string `json:"sites"`
}
// FindAppsByVersionRequest RPC, handles multiple sites in a single
// request to minimize RPC latency.
type FindAppsByVersionRequest struct {
Name string `json:"name"`
Version string `json:"version"`
}
// FindAppsBySiteResponse is the response type for FindAppsBySiteRequest.
type FindAppsBySiteResponse struct {
Apps map[string][]*App `json:"apps"`
}
// FindAppsByVersionResponse is the response type for FindAppsByVersionRequest.
type FindAppsByVersionResponse struct {
Apps []*App `json:"apps"`
}
// CountAppsRequest requests various types of aggregates.
type CountAppsRequest struct {
VulnerableOnly bool `json:"vulnerable_only"`
GroupByName bool `json:"group_by_name"`
GroupByVersion bool `json:"group_by_version"`
GroupBySite bool `json:"group_by_site"`
Limit int `json:"limit"`
}
type CountResult struct {
Keys []string `json:"keys"`
Count int `json:"count"`
}
type CountAppsResponse struct {
Fields []string `json:"fields"`
Results []CountResult `json:"results"`
}
......@@ -22,6 +22,7 @@ type HWND uintptr
const (
InvalidHandle = ^Handle(0)
InvalidHWND = ^HWND(0)
// Flags for DefineDosDevice.
DDD_EXACT_MATCH_ON_REMOVE = 0x00000004
......@@ -215,7 +216,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW
//sys OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error)
//sys ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW
//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) = user32.GetWindowThreadProcessId
//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) = user32.GetWindowThreadProcessId
//sys GetShellWindow() (shellWindow HWND) = user32.GetShellWindow
//sys MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW
//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx
......@@ -264,19 +265,29 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys VirtualProtect(address uintptr, size uintptr, newprotect uint32, oldprotect *uint32) (err error) = kernel32.VirtualProtect
//sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile
//sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW
//sys FindFirstChangeNotification(path string, watchSubtree bool, notifyFilter uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.FindFirstChangeNotificationW
//sys FindNextChangeNotification(handle Handle) (err error)
//sys FindCloseChangeNotification(handle Handle) (err error)
//sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW
//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore
//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore
//sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore
//sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore
//sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore
//sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore
//sys CertDeleteCertificateFromStore(certContext *CertContext) (err error) = crypt32.CertDeleteCertificateFromStore
//sys CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) = crypt32.CertDuplicateCertificateContext
//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore
//sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain
//sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain
//sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext
//sys CertFreeCertificateContext(ctx *CertContext) (err error) = crypt32.CertFreeCertificateContext
//sys CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) = crypt32.CertVerifyCertificateChainPolicy
//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore
//sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain
//sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain
//sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext
//sys CertFreeCertificateContext(ctx *CertContext) (err error) = crypt32.CertFreeCertificateContext
//sys CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) = crypt32.CertVerifyCertificateChainPolicy
//sys CertGetNameString(certContext *CertContext, nameType uint32, flags uint32, typePara unsafe.Pointer, name *uint16, size uint32) (chars uint32) = crypt32.CertGetNameStringW
//sys CertFindExtension(objId *byte, countExtensions uint32, extensions *CertExtension) (ret *CertExtension) = crypt32.CertFindExtension
//sys CryptQueryObject(objectType uint32, object unsafe.Pointer, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *Handle, msg *Handle, context *unsafe.Pointer) (err error) = crypt32.CryptQueryObject
//sys CryptDecodeObject(encodingType uint32, structType *byte, encodedBytes *byte, lenEncodedBytes uint32, flags uint32, decoded unsafe.Pointer, decodedLen *uint32) (err error) = crypt32.CryptDecodeObject
//sys CryptProtectData(dataIn *DataBlob, name *uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptProtectData
//sys CryptUnprotectData(dataIn *DataBlob, name **uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptUnprotectData
//sys WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) = wintrust.WinVerifyTrustEx
//sys RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) = advapi32.RegOpenKeyExW
//sys RegCloseKey(key Handle) (regerrno error) = advapi32.RegCloseKey
//sys RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW
......
......@@ -227,7 +227,7 @@ const (
)
const (
// filters for ReadDirectoryChangesW
// filters for ReadDirectoryChangesW and FindFirstChangeNotificationW
FILE_NOTIFY_CHANGE_FILE_NAME = 0x001
FILE_NOTIFY_CHANGE_DIR_NAME = 0x002
FILE_NOTIFY_CHANGE_ATTRIBUTES = 0x004
......@@ -427,6 +427,67 @@ const (
CERT_CLOSE_STORE_FORCE_FLAG = 0x00000001
CERT_CLOSE_STORE_CHECK_FLAG = 0x00000002
/* CryptQueryObject object type */
CERT_QUERY_OBJECT_FILE = 1
CERT_QUERY_OBJECT_BLOB = 2
/* CryptQueryObject content type flags */
CERT_QUERY_CONTENT_CERT = 1
CERT_QUERY_CONTENT_CTL = 2
CERT_QUERY_CONTENT_CRL = 3
CERT_QUERY_CONTENT_SERIALIZED_STORE = 4
CERT_QUERY_CONTENT_SERIALIZED_CERT = 5
CERT_QUERY_CONTENT_SERIALIZED_CTL = 6
CERT_QUERY_CONTENT_SERIALIZED_CRL = 7
CERT_QUERY_CONTENT_PKCS7_SIGNED = 8
CERT_QUERY_CONTENT_PKCS7_UNSIGNED = 9
CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED = 10
CERT_QUERY_CONTENT_PKCS10 = 11
CERT_QUERY_CONTENT_PFX = 12
CERT_QUERY_CONTENT_CERT_PAIR = 13
CERT_QUERY_CONTENT_PFX_AND_LOAD = 14
CERT_QUERY_CONTENT_FLAG_CERT = (1 << CERT_QUERY_CONTENT_CERT)
CERT_QUERY_CONTENT_FLAG_CTL = (1 << CERT_QUERY_CONTENT_CTL)
CERT_QUERY_CONTENT_FLAG_CRL = (1 << CERT_QUERY_CONTENT_CRL)
CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE = (1 << CERT_QUERY_CONTENT_SERIALIZED_STORE)
CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT = (1 << CERT_QUERY_CONTENT_SERIALIZED_CERT)
CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL = (1 << CERT_QUERY_CONTENT_SERIALIZED_CTL)
CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL = (1 << CERT_QUERY_CONTENT_SERIALIZED_CRL)
CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED = (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED)
CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED = (1 << CERT_QUERY_CONTENT_PKCS7_UNSIGNED)
CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED = (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED)
CERT_QUERY_CONTENT_FLAG_PKCS10 = (1 << CERT_QUERY_CONTENT_PKCS10)
CERT_QUERY_CONTENT_FLAG_PFX = (1 << CERT_QUERY_CONTENT_PFX)
CERT_QUERY_CONTENT_FLAG_CERT_PAIR = (1 << CERT_QUERY_CONTENT_CERT_PAIR)
CERT_QUERY_CONTENT_FLAG_PFX_AND_LOAD = (1 << CERT_QUERY_CONTENT_PFX_AND_LOAD)
CERT_QUERY_CONTENT_FLAG_ALL = (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_CTL | CERT_QUERY_CONTENT_FLAG_CRL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED | CERT_QUERY_CONTENT_FLAG_PKCS10 | CERT_QUERY_CONTENT_FLAG_PFX | CERT_QUERY_CONTENT_FLAG_CERT_PAIR)
CERT_QUERY_CONTENT_FLAG_ALL_ISSUER_CERT = (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED)
/* CryptQueryObject format type flags */
CERT_QUERY_FORMAT_BINARY = 1
CERT_QUERY_FORMAT_BASE64_ENCODED = 2
CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED = 3
CERT_QUERY_FORMAT_FLAG_BINARY = (1 << CERT_QUERY_FORMAT_BINARY)
CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED = (1 << CERT_QUERY_FORMAT_BASE64_ENCODED)
CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED = (1 << CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED)
CERT_QUERY_FORMAT_FLAG_ALL = (CERT_QUERY_FORMAT_FLAG_BINARY | CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED | CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED)