win32-security 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGES +63 -57
- data/MANIFEST +11 -9
- data/README +53 -53
- data/Rakefile +58 -61
- data/certs/djberg96_pub.pem +21 -0
- data/lib/win32-security.rb +1 -0
- data/lib/win32/security.rb +91 -91
- data/lib/win32/security/ace.rb +75 -75
- data/lib/win32/security/acl.rb +224 -224
- data/lib/win32/security/sid.rb +394 -394
- data/lib/win32/security/windows/constants.rb +184 -184
- data/lib/win32/security/windows/functions.rb +116 -116
- data/lib/win32/security/windows/structs.rb +94 -94
- data/test/test_ace.rb +48 -48
- data/test/test_acl.rb +101 -101
- data/test/test_security.rb +23 -23
- data/test/test_sid.rb +142 -142
- data/win32-security.gemspec +28 -27
- metadata +48 -18
- metadata.gz.sig +0 -0
@@ -1,94 +1,94 @@
|
|
1
|
-
require 'ffi'
|
2
|
-
|
3
|
-
module Windows
|
4
|
-
module Security
|
5
|
-
module Structs
|
6
|
-
extend FFI::Library
|
7
|
-
|
8
|
-
private
|
9
|
-
|
10
|
-
class SID_IDENTIFIER_AUTHORITY < FFI::Struct
|
11
|
-
layout(:Value, [:char, 6])
|
12
|
-
end
|
13
|
-
|
14
|
-
class OSVERSIONINFO < FFI::Struct
|
15
|
-
layout(
|
16
|
-
:dwOSVersionInfoSize, :ulong,
|
17
|
-
:dwMajorVersion, :ulong,
|
18
|
-
:dwMinorVersion, :ulong,
|
19
|
-
:dwBuildNumber, :ulong,
|
20
|
-
:dwPlatformId, :ulong,
|
21
|
-
:szCSDVersion, [:char, 128]
|
22
|
-
)
|
23
|
-
end
|
24
|
-
|
25
|
-
class ACE_HEADER < FFI::Struct
|
26
|
-
layout(
|
27
|
-
:AceType, :uchar,
|
28
|
-
:AceFlags, :uchar,
|
29
|
-
:AceSize, :ushort
|
30
|
-
)
|
31
|
-
end
|
32
|
-
|
33
|
-
# Generic struct we made up and inspect later to determine type.
|
34
|
-
class ACCESS_GENERIC_ACE < FFI::Struct
|
35
|
-
layout(
|
36
|
-
:Header, ACE_HEADER,
|
37
|
-
:Mask, :ulong,
|
38
|
-
:SidStart, :ulong
|
39
|
-
)
|
40
|
-
end
|
41
|
-
|
42
|
-
class ACCESS_ALLOWED_ACE < FFI::Struct
|
43
|
-
layout(
|
44
|
-
:Header, ACE_HEADER,
|
45
|
-
:Mask, :ulong,
|
46
|
-
:SidStart, :ulong
|
47
|
-
)
|
48
|
-
end
|
49
|
-
|
50
|
-
class ACCESS_DENIED_ACE < FFI::Struct
|
51
|
-
layout(
|
52
|
-
:Header, ACE_HEADER,
|
53
|
-
:Mask, :ulong,
|
54
|
-
:SidStart, :ulong
|
55
|
-
)
|
56
|
-
end
|
57
|
-
|
58
|
-
class ACCESS_ALLOWED_ACE2 < FFI::Struct
|
59
|
-
layout(
|
60
|
-
:Header, ACE_HEADER,
|
61
|
-
:Mask, :ulong,
|
62
|
-
:SidStart, :ulong,
|
63
|
-
:dummy, [:uchar, 40]
|
64
|
-
)
|
65
|
-
end
|
66
|
-
|
67
|
-
class ACL_STRUCT < FFI::Struct
|
68
|
-
layout(
|
69
|
-
:AclRevision, :uchar,
|
70
|
-
:Sbz1, :uchar,
|
71
|
-
:AclSize, :ushort,
|
72
|
-
:AceCount, :ushort,
|
73
|
-
:Sbz2, :ushort
|
74
|
-
)
|
75
|
-
end
|
76
|
-
|
77
|
-
class ACL_SIZE_INFORMATION < FFI::Struct
|
78
|
-
layout(
|
79
|
-
:AceCount, :ulong,
|
80
|
-
:AclBytesInUse, :ulong,
|
81
|
-
:AclBytesFree, :ulong
|
82
|
-
)
|
83
|
-
end
|
84
|
-
|
85
|
-
class SECURITY_ATTRIBUTES < FFI::Struct
|
86
|
-
layout(
|
87
|
-
:nLength, :ulong,
|
88
|
-
:lpSecurityDescriptor, :ulong,
|
89
|
-
:bInheritHandle, :
|
90
|
-
)
|
91
|
-
end
|
92
|
-
end
|
93
|
-
end
|
94
|
-
end
|
1
|
+
require 'ffi'
|
2
|
+
|
3
|
+
module Windows
|
4
|
+
module Security
|
5
|
+
module Structs
|
6
|
+
extend FFI::Library
|
7
|
+
|
8
|
+
private
|
9
|
+
|
10
|
+
class SID_IDENTIFIER_AUTHORITY < FFI::Struct
|
11
|
+
layout(:Value, [:char, 6])
|
12
|
+
end
|
13
|
+
|
14
|
+
class OSVERSIONINFO < FFI::Struct
|
15
|
+
layout(
|
16
|
+
:dwOSVersionInfoSize, :ulong,
|
17
|
+
:dwMajorVersion, :ulong,
|
18
|
+
:dwMinorVersion, :ulong,
|
19
|
+
:dwBuildNumber, :ulong,
|
20
|
+
:dwPlatformId, :ulong,
|
21
|
+
:szCSDVersion, [:char, 128]
|
22
|
+
)
|
23
|
+
end
|
24
|
+
|
25
|
+
class ACE_HEADER < FFI::Struct
|
26
|
+
layout(
|
27
|
+
:AceType, :uchar,
|
28
|
+
:AceFlags, :uchar,
|
29
|
+
:AceSize, :ushort
|
30
|
+
)
|
31
|
+
end
|
32
|
+
|
33
|
+
# Generic struct we made up and inspect later to determine type.
|
34
|
+
class ACCESS_GENERIC_ACE < FFI::Struct
|
35
|
+
layout(
|
36
|
+
:Header, ACE_HEADER,
|
37
|
+
:Mask, :ulong,
|
38
|
+
:SidStart, :ulong
|
39
|
+
)
|
40
|
+
end
|
41
|
+
|
42
|
+
class ACCESS_ALLOWED_ACE < FFI::Struct
|
43
|
+
layout(
|
44
|
+
:Header, ACE_HEADER,
|
45
|
+
:Mask, :ulong,
|
46
|
+
:SidStart, :ulong
|
47
|
+
)
|
48
|
+
end
|
49
|
+
|
50
|
+
class ACCESS_DENIED_ACE < FFI::Struct
|
51
|
+
layout(
|
52
|
+
:Header, ACE_HEADER,
|
53
|
+
:Mask, :ulong,
|
54
|
+
:SidStart, :ulong
|
55
|
+
)
|
56
|
+
end
|
57
|
+
|
58
|
+
class ACCESS_ALLOWED_ACE2 < FFI::Struct
|
59
|
+
layout(
|
60
|
+
:Header, ACE_HEADER,
|
61
|
+
:Mask, :ulong,
|
62
|
+
:SidStart, :ulong,
|
63
|
+
:dummy, [:uchar, 40]
|
64
|
+
)
|
65
|
+
end
|
66
|
+
|
67
|
+
class ACL_STRUCT < FFI::Struct
|
68
|
+
layout(
|
69
|
+
:AclRevision, :uchar,
|
70
|
+
:Sbz1, :uchar,
|
71
|
+
:AclSize, :ushort,
|
72
|
+
:AceCount, :ushort,
|
73
|
+
:Sbz2, :ushort
|
74
|
+
)
|
75
|
+
end
|
76
|
+
|
77
|
+
class ACL_SIZE_INFORMATION < FFI::Struct
|
78
|
+
layout(
|
79
|
+
:AceCount, :ulong,
|
80
|
+
:AclBytesInUse, :ulong,
|
81
|
+
:AclBytesFree, :ulong
|
82
|
+
)
|
83
|
+
end
|
84
|
+
|
85
|
+
class SECURITY_ATTRIBUTES < FFI::Struct
|
86
|
+
layout(
|
87
|
+
:nLength, :ulong,
|
88
|
+
:lpSecurityDescriptor, :ulong,
|
89
|
+
:bInheritHandle, :int
|
90
|
+
)
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
data/test/test_ace.rb
CHANGED
@@ -1,48 +1,48 @@
|
|
1
|
-
########################################################################
|
2
|
-
# test_ace.rb
|
3
|
-
#
|
4
|
-
# Test suite for the Win32::Security::ACE class.
|
5
|
-
########################################################################
|
6
|
-
require 'test-unit'
|
7
|
-
require 'win32/security'
|
8
|
-
require 'win32/security/sid'
|
9
|
-
require 'win32/security/acl'
|
10
|
-
require 'win32/security/ace'
|
11
|
-
|
12
|
-
class TC_Win32_Security_Ace < Test::Unit::TestCase
|
13
|
-
def setup
|
14
|
-
@ace = Win32::Security::ACE.new(1, 1, 1)
|
15
|
-
end
|
16
|
-
|
17
|
-
test "ACE version is set to the expected value" do
|
18
|
-
assert_equal('0.1.0', Win32::Security::ACE::VERSION)
|
19
|
-
end
|
20
|
-
|
21
|
-
test "ace_type basic functionality" do
|
22
|
-
assert_respond_to(@ace, :ace_type)
|
23
|
-
assert_equal(1, @ace.ace_type)
|
24
|
-
end
|
25
|
-
|
26
|
-
test "access_mask basic functionality" do
|
27
|
-
assert_respond_to(@ace, :access_mask)
|
28
|
-
assert_equal(1, @ace.access_mask)
|
29
|
-
end
|
30
|
-
|
31
|
-
test "flags basic functionality" do
|
32
|
-
assert_respond_to(@ace, :flags)
|
33
|
-
assert_equal(1, @ace.flags)
|
34
|
-
end
|
35
|
-
|
36
|
-
test "ace_type_string basic functionality" do
|
37
|
-
assert_respond_to(@ace, :ace_type_string)
|
38
|
-
assert_kind_of(String, @ace.ace_type_string)
|
39
|
-
end
|
40
|
-
|
41
|
-
test "ace_type_string returns the expected value" do
|
42
|
-
assert_equal('ACCESS_DENIED_ACE_TYPE', @ace.ace_type_string)
|
43
|
-
end
|
44
|
-
|
45
|
-
def teardown
|
46
|
-
@ace = nil
|
47
|
-
end
|
48
|
-
end
|
1
|
+
########################################################################
|
2
|
+
# test_ace.rb
|
3
|
+
#
|
4
|
+
# Test suite for the Win32::Security::ACE class.
|
5
|
+
########################################################################
|
6
|
+
require 'test-unit'
|
7
|
+
require 'win32/security'
|
8
|
+
require 'win32/security/sid'
|
9
|
+
require 'win32/security/acl'
|
10
|
+
require 'win32/security/ace'
|
11
|
+
|
12
|
+
class TC_Win32_Security_Ace < Test::Unit::TestCase
|
13
|
+
def setup
|
14
|
+
@ace = Win32::Security::ACE.new(1, 1, 1)
|
15
|
+
end
|
16
|
+
|
17
|
+
test "ACE version is set to the expected value" do
|
18
|
+
assert_equal('0.1.0', Win32::Security::ACE::VERSION)
|
19
|
+
end
|
20
|
+
|
21
|
+
test "ace_type basic functionality" do
|
22
|
+
assert_respond_to(@ace, :ace_type)
|
23
|
+
assert_equal(1, @ace.ace_type)
|
24
|
+
end
|
25
|
+
|
26
|
+
test "access_mask basic functionality" do
|
27
|
+
assert_respond_to(@ace, :access_mask)
|
28
|
+
assert_equal(1, @ace.access_mask)
|
29
|
+
end
|
30
|
+
|
31
|
+
test "flags basic functionality" do
|
32
|
+
assert_respond_to(@ace, :flags)
|
33
|
+
assert_equal(1, @ace.flags)
|
34
|
+
end
|
35
|
+
|
36
|
+
test "ace_type_string basic functionality" do
|
37
|
+
assert_respond_to(@ace, :ace_type_string)
|
38
|
+
assert_kind_of(String, @ace.ace_type_string)
|
39
|
+
end
|
40
|
+
|
41
|
+
test "ace_type_string returns the expected value" do
|
42
|
+
assert_equal('ACCESS_DENIED_ACE_TYPE', @ace.ace_type_string)
|
43
|
+
end
|
44
|
+
|
45
|
+
def teardown
|
46
|
+
@ace = nil
|
47
|
+
end
|
48
|
+
end
|
data/test/test_acl.rb
CHANGED
@@ -1,101 +1,101 @@
|
|
1
|
-
########################################################################
|
2
|
-
# test_acl.rb
|
3
|
-
#
|
4
|
-
# Test suite for the Win32::Security::ACL class. You should run these
|
5
|
-
# tests via the 'rake test' task.
|
6
|
-
########################################################################
|
7
|
-
require 'test-unit'
|
8
|
-
require 'win32/security'
|
9
|
-
require 'win32/security/sid'
|
10
|
-
require 'win32/security/acl'
|
11
|
-
|
12
|
-
class TC_Win32_Security_Acl < Test::Unit::TestCase
|
13
|
-
def setup
|
14
|
-
@acl = Win32::Security::ACL.new
|
15
|
-
end
|
16
|
-
|
17
|
-
test "ACL version is set to the expected value" do
|
18
|
-
assert_equal('0.2.0', Win32::Security::ACL::VERSION)
|
19
|
-
end
|
20
|
-
|
21
|
-
test "ace_count basic functionality" do
|
22
|
-
assert_respond_to(@acl, :ace_count)
|
23
|
-
assert_kind_of(Fixnum, @acl.ace_count)
|
24
|
-
end
|
25
|
-
|
26
|
-
test "ace_count returns the expected value" do
|
27
|
-
assert_equal(0, @acl.ace_count)
|
28
|
-
end
|
29
|
-
|
30
|
-
test "ace_count does not accept any arguments" do
|
31
|
-
assert_raise(ArgumentError){ @acl.ace_count(0) }
|
32
|
-
end
|
33
|
-
|
34
|
-
test "acl method basic functionality" do
|
35
|
-
assert_respond_to(@acl, :acl)
|
36
|
-
assert_nothing_raised{ @acl.acl }
|
37
|
-
end
|
38
|
-
|
39
|
-
test "add_access_allowed_ace basic functionality" do
|
40
|
-
assert_respond_to(@acl, :add_access_allowed_ace)
|
41
|
-
end
|
42
|
-
|
43
|
-
test "add_access_denied_ace basic functionality" do
|
44
|
-
assert_respond_to(@acl, :add_access_denied_ace)
|
45
|
-
end
|
46
|
-
|
47
|
-
test "add_ace basic functionality" do
|
48
|
-
assert_respond_to(@acl, :add_ace)
|
49
|
-
end
|
50
|
-
|
51
|
-
test "delete_ace basic functionality" do
|
52
|
-
assert_respond_to(@acl, :delete_ace)
|
53
|
-
end
|
54
|
-
|
55
|
-
test "find_ace basic functionality" do
|
56
|
-
assert_respond_to(@acl, :find_ace)
|
57
|
-
end
|
58
|
-
|
59
|
-
test "find_ace returns an ACE object if there is one to find" do
|
60
|
-
@acl.add_access_allowed_ace('Guest', Win32::Security::ACL::GENERIC_READ)
|
61
|
-
assert_kind_of(Win32::Security::ACE, @acl.find_ace)
|
62
|
-
end
|
63
|
-
|
64
|
-
test "find_ace accepts an integer argument" do
|
65
|
-
@acl.add_access_allowed_ace('Guest', Win32::Security::ACL::GENERIC_READ)
|
66
|
-
assert_kind_of(Win32::Security::ACE, @acl.find_ace(0))
|
67
|
-
end
|
68
|
-
|
69
|
-
test "revision getter basic functionality" do
|
70
|
-
assert_respond_to(@acl, :revision)
|
71
|
-
assert_kind_of(Fixnum, @acl.revision)
|
72
|
-
end
|
73
|
-
|
74
|
-
test "revision setter basic functionality" do
|
75
|
-
assert_respond_to(@acl, :revision=)
|
76
|
-
assert_nothing_raised{ @acl.revision = 3 }
|
77
|
-
assert_kind_of(Fixnum, @acl.revision = 3)
|
78
|
-
end
|
79
|
-
|
80
|
-
test "revision setter sets and returns the new value" do
|
81
|
-
assert_equal(3, @acl.revision = 3)
|
82
|
-
assert_equal(3, @acl.revision)
|
83
|
-
end
|
84
|
-
|
85
|
-
test "valid? basic functionality" do
|
86
|
-
assert_respond_to(@acl, :valid?)
|
87
|
-
assert_boolean(@acl.valid?)
|
88
|
-
end
|
89
|
-
|
90
|
-
test "valid? returns the expected value" do
|
91
|
-
assert_true(@acl.valid?)
|
92
|
-
end
|
93
|
-
|
94
|
-
test "ffi functions are private" do
|
95
|
-
assert_not_respond_to(@acl, :CloseHandle)
|
96
|
-
end
|
97
|
-
|
98
|
-
def teardown
|
99
|
-
@acl = nil
|
100
|
-
end
|
101
|
-
end
|
1
|
+
########################################################################
|
2
|
+
# test_acl.rb
|
3
|
+
#
|
4
|
+
# Test suite for the Win32::Security::ACL class. You should run these
|
5
|
+
# tests via the 'rake test' task.
|
6
|
+
########################################################################
|
7
|
+
require 'test-unit'
|
8
|
+
require 'win32/security'
|
9
|
+
require 'win32/security/sid'
|
10
|
+
require 'win32/security/acl'
|
11
|
+
|
12
|
+
class TC_Win32_Security_Acl < Test::Unit::TestCase
|
13
|
+
def setup
|
14
|
+
@acl = Win32::Security::ACL.new
|
15
|
+
end
|
16
|
+
|
17
|
+
test "ACL version is set to the expected value" do
|
18
|
+
assert_equal('0.2.0', Win32::Security::ACL::VERSION)
|
19
|
+
end
|
20
|
+
|
21
|
+
test "ace_count basic functionality" do
|
22
|
+
assert_respond_to(@acl, :ace_count)
|
23
|
+
assert_kind_of(Fixnum, @acl.ace_count)
|
24
|
+
end
|
25
|
+
|
26
|
+
test "ace_count returns the expected value" do
|
27
|
+
assert_equal(0, @acl.ace_count)
|
28
|
+
end
|
29
|
+
|
30
|
+
test "ace_count does not accept any arguments" do
|
31
|
+
assert_raise(ArgumentError){ @acl.ace_count(0) }
|
32
|
+
end
|
33
|
+
|
34
|
+
test "acl method basic functionality" do
|
35
|
+
assert_respond_to(@acl, :acl)
|
36
|
+
assert_nothing_raised{ @acl.acl }
|
37
|
+
end
|
38
|
+
|
39
|
+
test "add_access_allowed_ace basic functionality" do
|
40
|
+
assert_respond_to(@acl, :add_access_allowed_ace)
|
41
|
+
end
|
42
|
+
|
43
|
+
test "add_access_denied_ace basic functionality" do
|
44
|
+
assert_respond_to(@acl, :add_access_denied_ace)
|
45
|
+
end
|
46
|
+
|
47
|
+
test "add_ace basic functionality" do
|
48
|
+
assert_respond_to(@acl, :add_ace)
|
49
|
+
end
|
50
|
+
|
51
|
+
test "delete_ace basic functionality" do
|
52
|
+
assert_respond_to(@acl, :delete_ace)
|
53
|
+
end
|
54
|
+
|
55
|
+
test "find_ace basic functionality" do
|
56
|
+
assert_respond_to(@acl, :find_ace)
|
57
|
+
end
|
58
|
+
|
59
|
+
test "find_ace returns an ACE object if there is one to find" do
|
60
|
+
@acl.add_access_allowed_ace('Guest', Win32::Security::ACL::GENERIC_READ)
|
61
|
+
assert_kind_of(Win32::Security::ACE, @acl.find_ace)
|
62
|
+
end
|
63
|
+
|
64
|
+
test "find_ace accepts an integer argument" do
|
65
|
+
@acl.add_access_allowed_ace('Guest', Win32::Security::ACL::GENERIC_READ)
|
66
|
+
assert_kind_of(Win32::Security::ACE, @acl.find_ace(0))
|
67
|
+
end
|
68
|
+
|
69
|
+
test "revision getter basic functionality" do
|
70
|
+
assert_respond_to(@acl, :revision)
|
71
|
+
assert_kind_of(Fixnum, @acl.revision)
|
72
|
+
end
|
73
|
+
|
74
|
+
test "revision setter basic functionality" do
|
75
|
+
assert_respond_to(@acl, :revision=)
|
76
|
+
assert_nothing_raised{ @acl.revision = 3 }
|
77
|
+
assert_kind_of(Fixnum, @acl.revision = 3)
|
78
|
+
end
|
79
|
+
|
80
|
+
test "revision setter sets and returns the new value" do
|
81
|
+
assert_equal(3, @acl.revision = 3)
|
82
|
+
assert_equal(3, @acl.revision)
|
83
|
+
end
|
84
|
+
|
85
|
+
test "valid? basic functionality" do
|
86
|
+
assert_respond_to(@acl, :valid?)
|
87
|
+
assert_boolean(@acl.valid?)
|
88
|
+
end
|
89
|
+
|
90
|
+
test "valid? returns the expected value" do
|
91
|
+
assert_true(@acl.valid?)
|
92
|
+
end
|
93
|
+
|
94
|
+
test "ffi functions are private" do
|
95
|
+
assert_not_respond_to(@acl, :CloseHandle)
|
96
|
+
end
|
97
|
+
|
98
|
+
def teardown
|
99
|
+
@acl = nil
|
100
|
+
end
|
101
|
+
end
|