package windows

const (
	O_DIRECTORY    = 0x100000   // target must be a directory
	O_NOFOLLOW_ANY = 0x20000000 // disallow symlinks anywhere in the path
	O_OPEN_REPARSE = 0x40000000 // FILE_OPEN_REPARSE_POINT, used by Lstat
)

Openat flags not supported by syscall.Open.

These are invented values.

When adding a new flag here, add an unexported version to the set of invented O_ values in syscall/types_windows.go to avoid overlap.

const (
	SIO_TCP_INITIAL_RTO                    = syscall.IOC_IN | syscall.IOC_VENDOR | 17
	TCP_INITIAL_RTO_UNSPECIFIED_RTT        = ^uint16(0)
	TCP_INITIAL_RTO_NO_SYN_RETRANSMISSIONS = ^uint8(1)
)

const (
	FSCTL_SET_REPARSE_POINT    = 0x000900A4
	IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003
	IO_REPARSE_TAG_DEDUP       = 0x80000013
	IO_REPARSE_TAG_AF_UNIX     = 0x80000023

	SYMLINK_FLAG_RELATIVE = 1
)

Reparse tag values are taken from https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/c8e77b37-3909-4fe6-a4ea-2b9d423b1ee4

const (
	SecurityAnonymous      = 0
	SecurityIdentification = 1
	SecurityImpersonation  = 2
	SecurityDelegation     = 3
)

const (
	TOKEN_ADJUST_PRIVILEGES = 0x0020
	SE_PRIVILEGE_ENABLED    = 0x00000002
)

const (
	LG_INCLUDE_INDIRECT  = 0x1
	MAX_PREFERRED_LENGTH = 0xFFFFFFFF
)

const (
	NERR_UserNotFound syscall.Errno = 2221
	NERR_UserExists   syscall.Errno = 2224
)

const (
	SID_REVISION = 1
	// https://learn.microsoft.com/en-us/windows/win32/services/localsystem-account
	SECURITY_LOCAL_SYSTEM_RID = 18
	// https://learn.microsoft.com/en-us/windows/win32/services/localservice-account
	SECURITY_LOCAL_SERVICE_RID = 19
	// https://learn.microsoft.com/en-us/windows/win32/services/networkservice-account
	SECURITY_NETWORK_SERVICE_RID = 20
)

const (
	ERROR_INVALID_PARAMETER syscall.Errno = 87

	FILE_SUPPORTS_OBJECT_IDS      = 0x00010000
	FILE_SUPPORTS_OPEN_BY_FILE_ID = 0x01000000

	// symlink support for CreateSymbolicLink() starting with Windows 10 (1703, v10.0.14972)
	SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE = 0x2

	// FileInformationClass values
	FileBasicInfo                  = 0    // FILE_BASIC_INFO
	FileStandardInfo               = 1    // FILE_STANDARD_INFO
	FileNameInfo                   = 2    // FILE_NAME_INFO
	FileStreamInfo                 = 7    // FILE_STREAM_INFO
	FileCompressionInfo            = 8    // FILE_COMPRESSION_INFO
	FileAttributeTagInfo           = 9    // FILE_ATTRIBUTE_TAG_INFO
	FileIdBothDirectoryInfo        = 0xa  // FILE_ID_BOTH_DIR_INFO
	FileIdBothDirectoryRestartInfo = 0xb  // FILE_ID_BOTH_DIR_INFO
	FileRemoteProtocolInfo         = 0xd  // FILE_REMOTE_PROTOCOL_INFO
	FileFullDirectoryInfo          = 0xe  // FILE_FULL_DIR_INFO
	FileFullDirectoryRestartInfo   = 0xf  // FILE_FULL_DIR_INFO
	FileStorageInfo                = 0x10 // FILE_STORAGE_INFO
	FileAlignmentInfo              = 0x11 // FILE_ALIGNMENT_INFO
	FileIdInfo                     = 0x12 // FILE_ID_INFO
	FileIdExtdDirectoryInfo        = 0x13 // FILE_ID_EXTD_DIR_INFO
	FileIdExtdDirectoryRestartInfo = 0x14 // FILE_ID_EXTD_DIR_INFO
)

const (
	ERROR_BAD_LENGTH             syscall.Errno = 24
	ERROR_SHARING_VIOLATION      syscall.Errno = 32
	ERROR_LOCK_VIOLATION         syscall.Errno = 33
	ERROR_NOT_SUPPORTED          syscall.Errno = 50
	ERROR_CALL_NOT_IMPLEMENTED   syscall.Errno = 120
	ERROR_INVALID_NAME           syscall.Errno = 123
	ERROR_LOCK_FAILED            syscall.Errno = 167
	ERROR_NO_TOKEN               syscall.Errno = 1008
	ERROR_NO_UNICODE_TRANSLATION syscall.Errno = 1113
	ERROR_CANT_ACCESS_FILE       syscall.Errno = 1920
)

const (
	GAA_FLAG_INCLUDE_PREFIX   = 0x00000010
	GAA_FLAG_INCLUDE_GATEWAYS = 0x0080
)

const (
	IF_TYPE_OTHER              = 1
	IF_TYPE_ETHERNET_CSMACD    = 6
	IF_TYPE_ISO88025_TOKENRING = 9
	IF_TYPE_PPP                = 23
	IF_TYPE_SOFTWARE_LOOPBACK  = 24
	IF_TYPE_ATM                = 37
	IF_TYPE_IEEE80211          = 71
	IF_TYPE_TUNNEL             = 131
	IF_TYPE_IEEE1394           = 144
)

const (
	IfOperStatusUp             = 1
	IfOperStatusDown           = 2
	IfOperStatusTesting        = 3
	IfOperStatusUnknown        = 4
	IfOperStatusDormant        = 5
	IfOperStatusNotPresent     = 6
	IfOperStatusLowerLayerDown = 7
)

const (
	// flags for CreateToolhelp32Snapshot
	TH32CS_SNAPMODULE   = 0x08
	TH32CS_SNAPMODULE32 = 0x10
)

const (
	WSA_FLAG_OVERLAPPED        = 0x01
	WSA_FLAG_NO_HANDLE_INHERIT = 0x80

	WSAEINVAL       syscall.Errno = 10022
	WSAEMSGSIZE     syscall.Errno = 10040
	WSAEAFNOSUPPORT syscall.Errno = 10047

	MSG_PEEK   = 0x2
	MSG_TRUNC  = 0x0100
	MSG_CTRUNC = 0x0200
)

const (
	ComputerNameNetBIOS                   = 0
	ComputerNameDnsHostname               = 1
	ComputerNameDnsDomain                 = 2
	ComputerNameDnsFullyQualified         = 3
	ComputerNamePhysicalNetBIOS           = 4
	ComputerNamePhysicalDnsHostname       = 5
	ComputerNamePhysicalDnsDomain         = 6
	ComputerNamePhysicalDnsFullyQualified = 7
	ComputerNameMax                       = 8

	MOVEFILE_REPLACE_EXISTING      = 0x1
	MOVEFILE_COPY_ALLOWED          = 0x2
	MOVEFILE_DELAY_UNTIL_REBOOT    = 0x4
	MOVEFILE_WRITE_THROUGH         = 0x8
	MOVEFILE_CREATE_HARDLINK       = 0x10
	MOVEFILE_FAIL_IF_NOT_TRACKABLE = 0x20
)

const (
	LOCKFILE_FAIL_IMMEDIATELY = 0x00000001
	LOCKFILE_EXCLUSIVE_LOCK   = 0x00000002
)

const (
	STYPE_DISKTREE  = 0x00
	STYPE_TEMPORARY = 0x40000000
)

Constants from lmshare.h

const (
	FILE_NAME_NORMALIZED = 0x0
	FILE_NAME_OPENED     = 0x8

	VOLUME_NAME_DOS  = 0x0
	VOLUME_NAME_GUID = 0x1
	VOLUME_NAME_NONE = 0x4
	VOLUME_NAME_NT   = 0x2
)

const (
	SERVICE_RUNNING      = 4
	SERVICE_QUERY_STATUS = 4
)

const (
	TCP_KEEPIDLE  = 0x03
	TCP_KEEPCNT   = 0x10
	TCP_KEEPINTVL = 0x11
)

Socket related.

const (
	FILE_READ_DATA        = 0x00000001
	FILE_READ_ATTRIBUTES  = 0x00000080
	FILE_READ_EA          = 0x00000008
	FILE_WRITE_DATA       = 0x00000002
	FILE_WRITE_ATTRIBUTES = 0x00000100
	FILE_WRITE_EA         = 0x00000010
	FILE_APPEND_DATA      = 0x00000004
	FILE_EXECUTE          = 0x00000020

	FILE_GENERIC_READ    = STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE
	FILE_GENERIC_WRITE   = STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | SYNCHRONIZE
	FILE_GENERIC_EXECUTE = STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE

	FILE_LIST_DIRECTORY = 0x00000001
	FILE_TRAVERSE       = 0x00000020

	FILE_SHARE_READ                      = 0x00000001
	FILE_SHARE_WRITE                     = 0x00000002
	FILE_SHARE_DELETE                    = 0x00000004
	FILE_ATTRIBUTE_READONLY              = 0x00000001
	FILE_ATTRIBUTE_HIDDEN                = 0x00000002
	FILE_ATTRIBUTE_SYSTEM                = 0x00000004
	FILE_ATTRIBUTE_DIRECTORY             = 0x00000010
	FILE_ATTRIBUTE_ARCHIVE               = 0x00000020
	FILE_ATTRIBUTE_DEVICE                = 0x00000040
	FILE_ATTRIBUTE_NORMAL                = 0x00000080
	FILE_ATTRIBUTE_TEMPORARY             = 0x00000100
	FILE_ATTRIBUTE_SPARSE_FILE           = 0x00000200
	FILE_ATTRIBUTE_REPARSE_POINT         = 0x00000400
	FILE_ATTRIBUTE_COMPRESSED            = 0x00000800
	FILE_ATTRIBUTE_OFFLINE               = 0x00001000
	FILE_ATTRIBUTE_NOT_CONTENT_INDEXED   = 0x00002000
	FILE_ATTRIBUTE_ENCRYPTED             = 0x00004000
	FILE_ATTRIBUTE_INTEGRITY_STREAM      = 0x00008000
	FILE_ATTRIBUTE_VIRTUAL               = 0x00010000
	FILE_ATTRIBUTE_NO_SCRUB_DATA         = 0x00020000
	FILE_ATTRIBUTE_RECALL_ON_OPEN        = 0x00040000
	FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS = 0x00400000

	INVALID_FILE_ATTRIBUTES = 0xffffffff
)

const (
	DELETE                   = 0x00010000
	READ_CONTROL             = 0x00020000
	WRITE_DAC                = 0x00040000
	WRITE_OWNER              = 0x00080000
	SYNCHRONIZE              = 0x00100000
	STANDARD_RIGHTS_REQUIRED = 0x000F0000
	STANDARD_RIGHTS_READ     = READ_CONTROL
	STANDARD_RIGHTS_WRITE    = READ_CONTROL
	STANDARD_RIGHTS_EXECUTE  = READ_CONTROL
	STANDARD_RIGHTS_ALL      = 0x001F0000
	SPECIFIC_RIGHTS_ALL      = 0x0000FFFF
	ACCESS_SYSTEM_SECURITY   = 0x01000000
	MAXIMUM_ALLOWED          = 0x02000000
	GENERIC_READ             = 0x80000000
	GENERIC_WRITE            = 0x40000000
	GENERIC_EXECUTE          = 0x20000000
	GENERIC_ALL              = 0x10000000
)

Constants for type ACCESS_MASK

const (
	OBJ_INHERIT                       = 0x00000002
	OBJ_PERMANENT                     = 0x00000010
	OBJ_EXCLUSIVE                     = 0x00000020
	OBJ_CASE_INSENSITIVE              = 0x00000040
	OBJ_OPENIF                        = 0x00000080
	OBJ_OPENLINK                      = 0x00000100
	OBJ_KERNEL_HANDLE                 = 0x00000200
	OBJ_FORCE_ACCESS_CHECK            = 0x00000400
	OBJ_IGNORE_IMPERSONATED_DEVICEMAP = 0x00000800
	OBJ_DONT_REPARSE                  = 0x00001000
	OBJ_VALID_ATTRIBUTES              = 0x00001FF2
)

Values for the Attributes member of OBJECT_ATTRIBUTES.

const (
	// CreateDisposition flags for NtCreateFile and NtCreateNamedPipeFile.
	FILE_SUPERSEDE           = 0x00000000
	FILE_OPEN                = 0x00000001
	FILE_CREATE              = 0x00000002
	FILE_OPEN_IF             = 0x00000003
	FILE_OVERWRITE           = 0x00000004
	FILE_OVERWRITE_IF        = 0x00000005
	FILE_MAXIMUM_DISPOSITION = 0x00000005

	// CreateOptions flags for NtCreateFile and NtCreateNamedPipeFile.
	FILE_DIRECTORY_FILE            = 0x00000001
	FILE_WRITE_THROUGH             = 0x00000002
	FILE_SEQUENTIAL_ONLY           = 0x00000004
	FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008
	FILE_SYNCHRONOUS_IO_ALERT      = 0x00000010
	FILE_SYNCHRONOUS_IO_NONALERT   = 0x00000020
	FILE_NON_DIRECTORY_FILE        = 0x00000040
	FILE_CREATE_TREE_CONNECTION    = 0x00000080
	FILE_COMPLETE_IF_OPLOCKED      = 0x00000100
	FILE_NO_EA_KNOWLEDGE           = 0x00000200
	FILE_OPEN_REMOTE_INSTANCE      = 0x00000400
	FILE_RANDOM_ACCESS             = 0x00000800
	FILE_DELETE_ON_CLOSE           = 0x00001000
	FILE_OPEN_BY_FILE_ID           = 0x00002000
	FILE_OPEN_FOR_BACKUP_INTENT    = 0x00004000
	FILE_NO_COMPRESSION            = 0x00008000
	FILE_OPEN_REQUIRING_OPLOCK     = 0x00010000
	FILE_DISALLOW_EXCLUSIVE        = 0x00020000
	FILE_RESERVE_OPFILTER          = 0x00100000
	FILE_OPEN_REPARSE_POINT        = 0x00200000
	FILE_OPEN_NO_RECALL            = 0x00400000
	FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000
)

const (
	FILE_DISPOSITION_DO_NOT_DELETE             = 0x00000000
	FILE_DISPOSITION_DELETE                    = 0x00000001
	FILE_DISPOSITION_POSIX_SEMANTICS           = 0x00000002
	FILE_DISPOSITION_FORCE_IMAGE_SECTION_CHECK = 0x00000004
	FILE_DISPOSITION_ON_CLOSE                  = 0x00000008
	FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE = 0x00000010
)

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/ns-ntddk-_file_disposition_information_ex

const MAX_MODULE_NAME32 = 255

const MB_ERR_INVALID_CHARS = 8

const SE_GROUP_INTEGRITY = 0x00000020

const SizeofModuleEntry32 = unsafe.Sizeof(ModuleEntry32{})

const (
	USER_PRIV_USER = 1
)

Variables ¶

var CanUseLongPaths bool

CanUseLongPaths is true when the OS supports opting into proper long path handling without the need for fixups.

var SECURITY_NT_AUTHORITY = SID_IDENTIFIER_AUTHORITY{
	Value: [6]byte{0, 0, 0, 0, 0, 5},
}

var SupportTCPInitialRTONoSYNRetransmissions = sync.OnceValue(func() bool {
	major, _, build := Version()
	return major >= 10 && build >= 16299
})

SupportTCPInitialRTONoSYNRetransmissions indicates whether the current Windows version supports the TCP_INITIAL_RTO_NO_SYN_RETRANSMISSIONS. The minimal requirement is Windows 10.0.16299.

var SupportUnixSocket = sync.OnceValue(func() bool {
	var size uint32

	_, _ = syscall.WSAEnumProtocols(nil, nil, &size)
	n := int32(size) / int32(unsafe.Sizeof(syscall.WSAProtocolInfo{}))

	buf := make([]syscall.WSAProtocolInfo, n)
	n, err := syscall.WSAEnumProtocols(nil, &buf[0], &size)
	if err != nil {
		return false
	}
	for i := int32(0); i < n; i++ {
		if buf[i].AddressFamily == syscall.AF_UNIX {
			return true
		}
	}
	return false
})

SupportUnixSocket indicates whether the current Windows version supports Unix Domain Sockets. The minimal requirement is Windows 10.0.17063.

var WSAID_WSARECVMSG = syscall.GUID{
	Data1: 0xf689d7c8,
	Data2: 0x6f1f,
	Data3: 0x436b,
	Data4: [8]byte{0x8a, 0x53, 0xe5, 0x4f, 0xe3, 0x51, 0xc3, 0x22},
}

var WSAID_WSASENDMSG = syscall.GUID{
	Data1: 0xa441e712,
	Data2: 0x754f,
	Data3: 0x43ca,
	Data4: [8]byte{0x84, 0xa7, 0x0d, 0xee, 0x44, 0xcf, 0x60, 0x6d},
}

Functions ¶

func AdjustTokenPrivileges ¶

func AdjustTokenPrivileges(token syscall.Token, disableAllPrivileges bool, newstate *TOKEN_PRIVILEGES, buflen uint32, prevstate *TOKEN_PRIVILEGES, returnlen *uint32) error

func CreateEnvironmentBlock ¶

func CreateEnvironmentBlock(block **uint16, token syscall.Token, inheritExisting bool) (err error)

func CreateEvent ¶

func CreateEvent(eventAttrs *SecurityAttributes, manualReset uint32, initialState uint32, name *uint16) (handle syscall.Handle, err error)

func Deleteat ¶

func Deleteat(dirfd syscall.Handle, name string) error

func DestroyEnvironmentBlock ¶

func DestroyEnvironmentBlock(block *uint16) (err error)

func DuplicateTokenEx ¶

func DuplicateTokenEx(hExistingToken syscall.Token, dwDesiredAccess uint32, lpTokenAttributes *syscall.SecurityAttributes, impersonationLevel uint32, tokenType TokenType, phNewToken *syscall.Token) (err error)

func ErrorLoadingGetTempPath2 ¶

func ErrorLoadingGetTempPath2() error

func FinalPath ¶

func FinalPath(h syscall.Handle, flags uint32) (string, error)

func GetACP ¶

func GetACP() (acp uint32)

func GetAdaptersAddresses ¶

func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error)

func GetComputerNameEx ¶

func GetComputerNameEx(nameformat uint32, buf *uint16, n *uint32) (err error)

func GetConsoleCP ¶

func GetConsoleCP() (ccp uint32)

func GetCurrentThread ¶

func GetCurrentThread() (pseudoHandle syscall.Handle, err error)

func GetFileInformationByHandleEx ¶

func GetFileInformationByHandleEx(handle syscall.Handle, class uint32, info *byte, bufsize uint32) (err error)

func GetFinalPathNameByHandle ¶

func GetFinalPathNameByHandle(file syscall.Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error)

func GetModuleFileName ¶

func GetModuleFileName(module syscall.Handle, fn *uint16, len uint32) (n uint32, err error)

func GetModuleHandle ¶

func GetModuleHandle(modulename *uint16) (handle syscall.Handle, err error)

func GetProcessMemoryInfo ¶

func GetProcessMemoryInfo(handle syscall.Handle, memCounters *PROCESS_MEMORY_COUNTERS, cb uint32) (err error)

func GetProfilesDirectory ¶

func GetProfilesDirectory(dir *uint16, dirLen *uint32) (err error)

func GetSidSubAuthority ¶

func GetSidSubAuthority(sid *syscall.SID, subAuthorityIdx uint32) uint32

func GetSidSubAuthorityCount ¶

func GetSidSubAuthorityCount(sid *syscall.SID) uint8

func GetSystemDirectory ¶

func GetSystemDirectory() string

GetSystemDirectory retrieves the path to current location of the system directory, which is typically, though not always, `C:\Windows\System32`.

func GetTempPath2 ¶

func GetTempPath2(buflen uint32, buf *uint16) (n uint32, err error)

func GetUserName ¶

func GetUserName(format uint32) (string, error)

GetUserName retrieves the user name of the current thread in the specified format.

func GetVolumeInformationByHandle ¶

func GetVolumeInformationByHandle(file syscall.Handle, volumeNameBuffer *uint16, volumeNameSize uint32, volumeNameSerialNumber *uint32, maximumComponentLength *uint32, fileSystemFlags *uint32, fileSystemNameBuffer *uint16, fileSystemNameSize uint32) (err error)

func GetVolumeNameForVolumeMountPoint ¶

func GetVolumeNameForVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16, bufferlength uint32) (err error)

func ImpersonateLoggedOnUser ¶

func ImpersonateLoggedOnUser(token syscall.Token) (err error)

func ImpersonateSelf ¶

func ImpersonateSelf(impersonationlevel uint32) (err error)

func IsValidSid ¶

func IsValidSid(sid *syscall.SID) (valid bool)

func LockFileEx ¶

func LockFileEx(file syscall.Handle, flags uint32, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *syscall.Overlapped) (err error)

func LogonUser ¶

func LogonUser(username *uint16, domain *uint16, password *uint16, logonType uint32, logonProvider uint32, token *syscall.Token) (err error)

func LookupPrivilegeValue ¶

func LookupPrivilegeValue(systemname *uint16, name *uint16, luid *LUID) (err error)

func Mkdirat ¶

func Mkdirat(dirfd syscall.Handle, name string, mode uint32) error

func Module32First ¶

func Module32First(snapshot syscall.Handle, moduleEntry *ModuleEntry32) (err error)

func Module32Next ¶

func Module32Next(snapshot syscall.Handle, moduleEntry *ModuleEntry32) (err error)

func MoveFileEx ¶

func MoveFileEx(from *uint16, to *uint16, flags uint32) (err error)

func MultiByteToWideChar ¶

func MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error)

func NetShareAdd ¶

func NetShareAdd(serverName *uint16, level uint32, buf *byte, parmErr *uint16) (neterr error)

func NetShareDel ¶

func NetShareDel(serverName *uint16, netName *uint16, reserved uint32) (neterr error)

func NetUserAdd ¶

func NetUserAdd(serverName *uint16, level uint32, buf *byte, parmErr *uint32) (neterr error)

func NetUserDel ¶

func NetUserDel(serverName *uint16, userName *uint16) (neterr error)

func NetUserGetLocalGroups ¶

func NetUserGetLocalGroups(serverName *uint16, userName *uint16, level uint32, flags uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32) (neterr error)

func NtCreateFile ¶

func NtCreateFile(handle *syscall.Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, allocationSize *int64, attributes uint32, share uint32, disposition uint32, options uint32, eabuffer uintptr, ealength uint32) (ntstatus error)

func NtOpenFile ¶

func NtOpenFile(handle *syscall.Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, share uint32, options uint32) (ntstatus error)

func NtSetInformationFile ¶

func NtSetInformationFile(handle syscall.Handle, iosb *IO_STATUS_BLOCK, inBuffer uintptr, inBufferLen uint32, class uint32) (ntstatus error)

func OpenSCManager ¶

func OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle syscall.Handle, err error)

func OpenService ¶

func OpenService(mgr syscall.Handle, serviceName *uint16, access uint32) (handle syscall.Handle, err error)

func OpenThreadToken ¶

func OpenThreadToken(h syscall.Handle, access uint32, openasself bool, token *syscall.Token) (err error)

func Openat ¶

func Openat(dirfd syscall.Handle, name string, flag int, perm uint32) (_ syscall.Handle, e1 error)

func ProcessPrng ¶

func ProcessPrng(buf []byte) (err error)

func QueryPerformanceCounter ¶

func QueryPerformanceCounter() int64

QueryPerformanceCounter retrieves the current value of performance counter.

func QueryPerformanceFrequency ¶

func QueryPerformanceFrequency() int64

QueryPerformanceFrequency retrieves the frequency of the performance counter. The returned value is represented as counts per second.

func QueryServiceStatus ¶

func QueryServiceStatus(hService syscall.Handle, lpServiceStatus *SERVICE_STATUS) (err error)

func Rename ¶

func Rename(oldpath, newpath string) error

func RevertToSelf ¶

func RevertToSelf() (err error)

func RtlLookupFunctionEntry ¶

func RtlLookupFunctionEntry(pc uintptr, baseAddress *uintptr, table *byte) (ret uintptr)

func RtlVirtualUnwind ¶

func RtlVirtualUnwind(handlerType uint32, baseAddress uintptr, pc uintptr, entry uintptr, ctxt uintptr, data *uintptr, frame *uintptr, ctxptrs *byte) (ret uintptr)

func SetFileInformationByHandle ¶

func SetFileInformationByHandle(handle syscall.Handle, fileInformationClass uint32, buf unsafe.Pointer, bufsize uint32) (err error)

func SetTokenInformation ¶

func SetTokenInformation(tokenHandle syscall.Token, tokenInformationClass uint32, tokenInformation uintptr, tokenInformationLength uint32) (err error)

func SupportTCPKeepAliveCount ¶

func SupportTCPKeepAliveCount() bool

SupportTCPKeepAliveCount indicates whether TCP_KEEPCNT is supported. supports TCP_KEEPCNT. The minimal requirement is Windows 10.0.15063.

func SupportTCPKeepAliveIdle ¶

func SupportTCPKeepAliveIdle() bool

SupportTCPKeepAliveIdle indicates whether TCP_KEEPIDLE is supported. The minimal requirement is Windows 10.0.16299.

func SupportTCPKeepAliveInterval ¶

func SupportTCPKeepAliveInterval() bool

SupportTCPKeepAliveInterval indicates whether TCP_KEEPINTVL is supported. The minimal requirement is Windows 10.0.16299.

func UTF16PtrToString ¶

func UTF16PtrToString(p *uint16) string

UTF16PtrToString is like UTF16ToString, but takes *uint16 as a parameter instead of []uint16.

func UnlockFileEx ¶

func UnlockFileEx(file syscall.Handle, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *syscall.Overlapped) (err error)

func Version ¶

func Version() (major, minor, build uint32)

Version retrieves the major, minor, and build version numbers of the current Windows OS from the RtlGetVersion API.

func VirtualQuery ¶

func VirtualQuery(address uintptr, buffer *MemoryBasicInformation, length uintptr) (err error)

func WSAGetOverlappedResult ¶

func WSAGetOverlappedResult(h syscall.Handle, o *syscall.Overlapped, bytes *uint32, wait bool, flags *uint32) (err error)

func WSARecvMsg ¶

func WSARecvMsg(fd syscall.Handle, msg *WSAMsg, bytesReceived *uint32, overlapped *syscall.Overlapped, croutine *byte) error

func WSASendMsg ¶

func WSASendMsg(fd syscall.Handle, msg *WSAMsg, flags uint32, bytesSent *uint32, overlapped *syscall.Overlapped, croutine *byte) error

func WSASendtoInet4 ¶

func WSASendtoInet4(s syscall.Handle, bufs *syscall.WSABuf, bufcnt uint32, sent *uint32, flags uint32, to *syscall.SockaddrInet4, overlapped *syscall.Overlapped, croutine *byte) (err error)

func WSASendtoInet6 ¶

func WSASendtoInet6(s syscall.Handle, bufs *syscall.WSABuf, bufcnt uint32, sent *uint32, flags uint32, to *syscall.SockaddrInet6, overlapped *syscall.Overlapped, croutine *byte) (err error)

func WSASocket ¶

func WSASocket(af int32, typ int32, protocol int32, protinfo *syscall.WSAProtocolInfo, group uint32, flags uint32) (handle syscall.Handle, err error)

Types ¶

type ACCESS_MASK ¶

type ACCESS_MASK uint32

https://learn.microsoft.com/en-us/windows/win32/secauthz/access-mask

type ACL ¶

type ACL struct {
	AclRevision byte
	Sbz1        byte
	AclSize     uint16
	AceCount    uint16
	Sbz2        uint16
}

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ns-wdm-_acl

type FILE_ATTRIBUTE_TAG_INFO ¶

type FILE_ATTRIBUTE_TAG_INFO struct {
	FileAttributes uint32
	ReparseTag     uint32
}

type FILE_BASIC_INFO ¶

type FILE_BASIC_INFO struct {
	CreationTime   int64
	LastAccessTime int64
	LastWriteTime  int64
	ChangedTime    int64
	FileAttributes uint32
	// contains filtered or unexported fields
}

type FILE_DISPOSITION_INFORMATION ¶

type FILE_DISPOSITION_INFORMATION struct {
	DeleteFile bool
}

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/ns-ntddk-_file_disposition_information

type FILE_DISPOSITION_INFORMATION_EX ¶

type FILE_DISPOSITION_INFORMATION_EX struct {
	Flags uint32
}

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/ns-ntddk-_file_disposition_information_ex

type FILE_FULL_DIR_INFO ¶

type FILE_FULL_DIR_INFO struct {
	NextEntryOffset uint32
	FileIndex       uint32
	CreationTime    syscall.Filetime
	LastAccessTime  syscall.Filetime
	LastWriteTime   syscall.Filetime
	ChangeTime      syscall.Filetime
	EndOfFile       uint64
	AllocationSize  uint64
	FileAttributes  uint32
	FileNameLength  uint32
	EaSize          uint32
	FileName        [1]uint16
}

type FILE_ID_BOTH_DIR_INFO ¶

type FILE_ID_BOTH_DIR_INFO struct {
	NextEntryOffset uint32
	FileIndex       uint32
	CreationTime    syscall.Filetime
	LastAccessTime  syscall.Filetime
	LastWriteTime   syscall.Filetime
	ChangeTime      syscall.Filetime
	EndOfFile       uint64
	AllocationSize  uint64
	FileAttributes  uint32
	FileNameLength  uint32
	EaSize          uint32
	ShortNameLength uint32
	ShortName       [12]uint16
	FileID          uint64
	FileName        [1]uint16
}

type IO_STATUS_BLOCK ¶

type IO_STATUS_BLOCK struct {
	Status      NTStatus
	Information uintptr
}

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ns-wdm-_io_status_block

type IpAdapterAddresses ¶

type IpAdapterAddresses struct {
	Length                 uint32
	IfIndex                uint32
	Next                   *IpAdapterAddresses
	AdapterName            *byte
	FirstUnicastAddress    *IpAdapterUnicastAddress
	FirstAnycastAddress    *IpAdapterAnycastAddress
	FirstMulticastAddress  *IpAdapterMulticastAddress
	FirstDnsServerAddress  *IpAdapterDnsServerAdapter
	DnsSuffix              *uint16
	Description            *uint16
	FriendlyName           *uint16
	PhysicalAddress        [syscall.MAX_ADAPTER_ADDRESS_LENGTH]byte
	PhysicalAddressLength  uint32
	Flags                  uint32
	Mtu                    uint32
	IfType                 uint32
	OperStatus             uint32
	Ipv6IfIndex            uint32
	ZoneIndices            [16]uint32
	FirstPrefix            *IpAdapterPrefix
	TransmitLinkSpeed      uint64
	ReceiveLinkSpeed       uint64
	FirstWinsServerAddress *IpAdapterWinsServerAddress
	FirstGatewayAddress    *IpAdapterGatewayAddress
}

type IpAdapterAnycastAddress ¶

type IpAdapterAnycastAddress struct {
	Length  uint32
	Flags   uint32
	Next    *IpAdapterAnycastAddress
	Address SocketAddress
}

type IpAdapterDnsServerAdapter ¶

type IpAdapterDnsServerAdapter struct {
	Length   uint32
	Reserved uint32
	Next     *IpAdapterDnsServerAdapter
	Address  SocketAddress
}

type IpAdapterGatewayAddress ¶

type IpAdapterGatewayAddress struct {
	Length   uint32
	Reserved uint32
	Next     *IpAdapterGatewayAddress
	Address  SocketAddress
}

type IpAdapterMulticastAddress ¶

type IpAdapterMulticastAddress struct {
	Length  uint32
	Flags   uint32
	Next    *IpAdapterMulticastAddress
	Address SocketAddress
}

type IpAdapterPrefix ¶

type IpAdapterPrefix struct {
	Length       uint32
	Flags        uint32
	Next         *IpAdapterPrefix
	Address      SocketAddress
	PrefixLength uint32
}

type IpAdapterUnicastAddress ¶

type IpAdapterUnicastAddress struct {
	Length             uint32
	Flags              uint32
	Next               *IpAdapterUnicastAddress
	Address            SocketAddress
	PrefixOrigin       int32
	SuffixOrigin       int32
	DadState           int32
	ValidLifetime      uint32
	PreferredLifetime  uint32
	LeaseLifetime      uint32
	OnLinkPrefixLength uint8
}

type IpAdapterWinsServerAddress ¶

type IpAdapterWinsServerAddress struct {
	Length   uint32
	Reserved uint32
	Next     *IpAdapterWinsServerAddress
	Address  SocketAddress
}

type LUID ¶

type LUID struct {
	LowPart  uint32
	HighPart int32
}

type LUID_AND_ATTRIBUTES ¶

type LUID_AND_ATTRIBUTES struct {
	Luid       LUID
	Attributes uint32
}

type LocalGroupUserInfo0 ¶

type LocalGroupUserInfo0 struct {
	Name *uint16
}

type MemoryBasicInformation ¶

type MemoryBasicInformation struct {
	// A pointer to the base address of the region of pages.
	BaseAddress uintptr
	// A pointer to the base address of a range of pages allocated by the VirtualAlloc function.
	// The page pointed to by the BaseAddress member is contained within this allocation range.
	AllocationBase uintptr
	// The memory protection option when the region was initially allocated
	AllocationProtect uint32
	PartitionId       uint16
	// The size of the region beginning at the base address in which all pages have identical attributes, in bytes.
	RegionSize uintptr
	// The state of the pages in the region.
	State uint32
	// The access protection of the pages in the region.
	Protect uint32
	// The type of pages in the region.
	Type uint32
}

type ModuleEntry32 ¶

type ModuleEntry32 struct {
	Size         uint32
	ModuleID     uint32
	ProcessID    uint32
	GlblcntUsage uint32
	ProccntUsage uint32
	ModBaseAddr  uintptr
	ModBaseSize  uint32
	ModuleHandle syscall.Handle
	Module       [MAX_MODULE_NAME32 + 1]uint16
	ExePath      [syscall.MAX_PATH]uint16
}

type MountPointReparseBuffer ¶

type MountPointReparseBuffer struct {
	// The integer that contains the offset, in bytes,
	// of the substitute name string in the PathBuffer array,
	// computed as an offset from byte 0 of PathBuffer. Note that
	// this offset must be divided by 2 to get the array index.
	SubstituteNameOffset uint16
	// The integer that contains the length, in bytes, of the
	// substitute name string. If this string is null-terminated,
	// SubstituteNameLength does not include the Unicode null character.
	SubstituteNameLength uint16
	// PrintNameOffset is similar to SubstituteNameOffset.
	PrintNameOffset uint16
	// PrintNameLength is similar to SubstituteNameLength.
	PrintNameLength uint16
	PathBuffer      [1]uint16
}

func (*MountPointReparseBuffer) Path ¶

func (rb *MountPointReparseBuffer) Path() string

Path returns path stored in rb.

type NTStatus ¶

type NTStatus uint32

NTStatus corresponds with NTSTATUS, error values returned by ntdll.dll and other native functions.

const (
	STATUS_FILE_IS_A_DIRECTORY       NTStatus = 0xC00000BA
	STATUS_DIRECTORY_NOT_EMPTY       NTStatus = 0xC0000101
	STATUS_NOT_A_DIRECTORY           NTStatus = 0xC0000103
	STATUS_CANNOT_DELETE             NTStatus = 0xC0000121
	STATUS_REPARSE_POINT_ENCOUNTERED NTStatus = 0xC000050B
)

x/sys/windows/mkerrors.bash can generate a complete list of NTStatus codes.

At the moment, we only need a couple, so just put them here manually. If this list starts getting long, we should consider generating the full set.

func (NTStatus) Errno ¶

func (s NTStatus) Errno() syscall.Errno

func (NTStatus) Error ¶

func (s NTStatus) Error() string

type NTUnicodeString ¶

type NTUnicodeString struct {
	Length        uint16
	MaximumLength uint16
	Buffer        *uint16
}

NTUnicodeString is a UTF-16 string for NT native APIs, corresponding to UNICODE_STRING.

func NewNTUnicodeString ¶

func NewNTUnicodeString(s string) (*NTUnicodeString, error)

NewNTUnicodeString returns a new NTUnicodeString structure for use with native NT APIs that work over the NTUnicodeString type. Note that most Windows APIs do not use NTUnicodeString, and instead UTF16PtrFromString should be used for the more common *uint16 string type.

type OBJECT_ATTRIBUTES ¶

type OBJECT_ATTRIBUTES struct {
	Length             uint32
	RootDirectory      syscall.Handle
	ObjectName         *NTUnicodeString
	Attributes         uint32
	SecurityDescriptor *SECURITY_DESCRIPTOR
	SecurityQoS        *SECURITY_QUALITY_OF_SERVICE
}

https://learn.microsoft.com/en-us/windows/win32/api/ntdef/ns-ntdef-_object_attributes

type PROCESS_MEMORY_COUNTERS ¶

type PROCESS_MEMORY_COUNTERS struct {
	CB                         uint32
	PageFaultCount             uint32
	PeakWorkingSetSize         uintptr
	WorkingSetSize             uintptr
	QuotaPeakPagedPoolUsage    uintptr
	QuotaPagedPoolUsage        uintptr
	QuotaPeakNonPagedPoolUsage uintptr
	QuotaNonPagedPoolUsage     uintptr
	PagefileUsage              uintptr
	PeakPagefileUsage          uintptr
}

type REPARSE_DATA_BUFFER ¶

type REPARSE_DATA_BUFFER struct {
	ReparseTag        uint32
	ReparseDataLength uint16
	Reserved          uint16
	DUMMYUNIONNAME    byte
}

type REPARSE_DATA_BUFFER_HEADER ¶

type REPARSE_DATA_BUFFER_HEADER struct {
	ReparseTag uint32
	// The size, in bytes, of the reparse data that follows
	// the common portion of the REPARSE_DATA_BUFFER element.
	// This value is the length of the data starting at the
	// SubstituteNameOffset field.
	ReparseDataLength uint16
	Reserved          uint16
}

REPARSE_DATA_BUFFER_HEADER is a common part of REPARSE_DATA_BUFFER structure.

type SECURITY_DESCRIPTOR ¶

type SECURITY_DESCRIPTOR struct {
	// contains filtered or unexported fields
}

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/ns-ntifs-_security_descriptor

type SECURITY_DESCRIPTOR_CONTROL ¶

type SECURITY_DESCRIPTOR_CONTROL uint16

https://learn.microsoft.com/en-us/windows-hardware/drivers/ifs/security-descriptor-control

type SECURITY_QUALITY_OF_SERVICE ¶

type SECURITY_QUALITY_OF_SERVICE struct {
	Length              uint32
	ImpersonationLevel  uint32 // type SECURITY_IMPERSONATION_LEVEL
	ContextTrackingMode byte   // type SECURITY_CONTEXT_TRACKING_MODE
	EffectiveOnly       byte
}

https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-security_quality_of_service

type SERVICE_STATUS ¶

type SERVICE_STATUS struct {
	ServiceType             uint32
	CurrentState            uint32
	ControlsAccepted        uint32
	Win32ExitCode           uint32
	ServiceSpecificExitCode uint32
	CheckPoint              uint32
	WaitHint                uint32
}

type SHARE_INFO_2 ¶

type SHARE_INFO_2 struct {
	Netname     *uint16
	Type        uint32
	Remark      *uint16
	Permissions uint32
	MaxUses     uint32
	CurrentUses uint32
	Path        *uint16
	Passwd      *uint16
}

type SID_AND_ATTRIBUTES ¶

type SID_AND_ATTRIBUTES struct {
	Sid        *syscall.SID
	Attributes uint32
}

type SID_IDENTIFIER_AUTHORITY ¶

type SID_IDENTIFIER_AUTHORITY struct {
	Value [6]byte
}

https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-sid_identifier_authority

func GetSidIdentifierAuthority ¶

func GetSidIdentifierAuthority(sid *syscall.SID) SID_IDENTIFIER_AUTHORITY

type SecurityAttributes ¶

type SecurityAttributes struct {
	Length             uint16
	SecurityDescriptor uintptr
	InheritHandle      bool
}

type SocketAddress ¶

type SocketAddress struct {
	Sockaddr       *syscall.RawSockaddrAny
	SockaddrLength int32
}

type SymbolicLinkReparseBuffer ¶

type SymbolicLinkReparseBuffer struct {
	// The integer that contains the offset, in bytes,
	// of the substitute name string in the PathBuffer array,
	// computed as an offset from byte 0 of PathBuffer. Note that
	// this offset must be divided by 2 to get the array index.
	SubstituteNameOffset uint16
	// The integer that contains the length, in bytes, of the
	// substitute name string. If this string is null-terminated,
	// SubstituteNameLength does not include the Unicode null character.
	SubstituteNameLength uint16
	// PrintNameOffset is similar to SubstituteNameOffset.
	PrintNameOffset uint16
	// PrintNameLength is similar to SubstituteNameLength.
	PrintNameLength uint16
	// Flags specifies whether the substitute name is a full path name or
	// a path name relative to the directory containing the symbolic link.
	Flags      uint32
	PathBuffer [1]uint16
}

func (*SymbolicLinkReparseBuffer) Path ¶

func (rb *SymbolicLinkReparseBuffer) Path() string

Path returns path stored in rb.

type TCP_INITIAL_RTO_PARAMETERS ¶

type TCP_INITIAL_RTO_PARAMETERS struct {
	Rtt                   uint16
	MaxSynRetransmissions uint8
}

type TOKEN_GROUPS ¶

type TOKEN_GROUPS struct {
	GroupCount uint32
	Groups     [1]SID_AND_ATTRIBUTES
}

func GetTokenGroups ¶

func GetTokenGroups(t syscall.Token) (*TOKEN_GROUPS, error)

func (*TOKEN_GROUPS) AllGroups ¶

func (g *TOKEN_GROUPS) AllGroups() []SID_AND_ATTRIBUTES

type TOKEN_MANDATORY_LABEL ¶

type TOKEN_MANDATORY_LABEL struct {
	Label SID_AND_ATTRIBUTES
}

func (*TOKEN_MANDATORY_LABEL) Size ¶

func (tml *TOKEN_MANDATORY_LABEL) Size() uint32

type TOKEN_PRIVILEGES ¶

type TOKEN_PRIVILEGES struct {
	PrivilegeCount uint32
	Privileges     [1]LUID_AND_ATTRIBUTES
}

type TokenType ¶

type TokenType uint32

const (
	TokenPrimary       TokenType = 1
	TokenImpersonation TokenType = 2
)

type UserInfo1 ¶

type UserInfo1 struct {
	Name        *uint16
	Password    *uint16
	PasswordAge uint32
	Priv        uint32
	HomeDir     *uint16
	Comment     *uint16
	Flags       uint32
	ScriptPath  *uint16
}

type UserInfo4 ¶

type UserInfo4 struct {
	Name            *uint16
	Password        *uint16
	PasswordAge     uint32
	Priv            uint32
	HomeDir         *uint16
	Comment         *uint16
	Flags           uint32
	ScriptPath      *uint16
	AuthFlags       uint32
	FullName        *uint16
	UsrComment      *uint16
	Parms           *uint16
	Workstations    *uint16
	LastLogon       uint32
	LastLogoff      uint32
	AcctExpires     uint32
	MaxStorage      uint32
	UnitsPerWeek    uint32
	LogonHours      *byte
	BadPwCount      uint32
	NumLogons       uint32
	LogonServer     *uint16
	CountryCode     uint32
	CodePage        uint32
	UserSid         *syscall.SID
	PrimaryGroupID  uint32
	Profile         *uint16
	HomeDirDrive    *uint16
	PasswordExpired uint32
}

type WSAMsg ¶

type WSAMsg struct {
	Name        syscall.Pointer
	Namelen     int32
	Buffers     *syscall.WSABuf
	BufferCount uint32
	Control     syscall.WSABuf
	Flags       uint32
}

Source Files ¶

at_windows.go memory_windows.go net_windows.go psapi_windows.go reparse_windows.go security_windows.go string_windows.go symlink_windows.go syscall_windows.go types_windows.go version_windows.go zsyscall_windows.go

Version: v1.24.1 (latest)
Published: Feb 27, 2025
Platform: windows/amd64
Imports: 6 packages
Last checked: 6 minutes ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples