Fixes and optimizations galore

lkarlslund · Sep 14, 2022 · 866cfe6 · 866cfe6
1 parent 31a52f9
commit 866cfe6
Show file tree

Hide file tree

Showing 24 changed files with 792 additions and 677 deletions.
diff --git a/modules/analyze/webservicefuncs.go b/modules/analyze/webservicefuncs.go
@@ -105,7 +105,7 @@ func analysisfuncs(ws *webservice) {
 		case "dn", "distinguishedname":
 			o, found = ws.Objs.Find(activedirectory.DistinguishedName, engine.AttributeValueString(vars["id"]))
 		case "sid":
-			sid, err := windowssecurity.SIDFromString(vars["id"])
+			sid, err := windowssecurity.ParseStringSID(vars["id"])
 			if err != nil {
 				w.WriteHeader(400) // bad request
 				w.Write([]byte(err.Error()))
@@ -147,11 +147,12 @@ func analysisfuncs(ws *webservice) {
 			Attributes:        make(map[string][]string),
 		}
 
-		for attr, values := range o.AttributeValueMap() {
+		o.AttrIterator(func(attr engine.Attribute, values engine.AttributeValues) bool {
 			slice := values.StringSlice()
 			sort.StringSlice(slice).Sort()
 			od.Attributes[attr.String()] = slice
-		}
+			return true
+		})
 
 		if r.FormValue("format") == "json" {
 			w.WriteHeader(200)
@@ -567,12 +568,13 @@ func analysisfuncs(ws *webservice) {
 `, id, node.Label(), node.DN())
 
 				if alldetails {
-					for attribute, values := range node.AttributeValueMap() {
+					node.AttrIterator(func(attribute engine.Attribute, values engine.AttributeValues) bool {
 						valuesjoined := strings.Join(values.StringSlice(), ", ")
 						if util.IsASCII(valuesjoined) {
 							fmt.Fprintf(w, "  %v %v\n", attribute, valuesjoined)
 						}
-					}
+						return true
+					})
 				}
 				fmt.Fprintf(w, "  ]\n")
 			}
@@ -601,7 +603,7 @@ func analysisfuncs(ws *webservice) {
 				}
 
 				if alldetails {
-					for attribute, values := range object.AttributeValueMap() {
+					object.AttrIterator(func(attribute engine.Attribute, values engine.AttributeValues) bool {
 						if values != nil {
 							valuesjoined := strings.Join(values.StringSlice(), ", ")
 							if util.IsASCII(valuesjoined) {
@@ -611,7 +613,8 @@ func analysisfuncs(ws *webservice) {
 								})
 							}
 						}
-					}
+						return true
+					})
 				}
 				graph.Nodes = append(graph.Nodes, xmlnode)
 			}

diff --git a/modules/engine/analyzeobjects.go b/modules/engine/analyzeobjects.go
@@ -6,7 +6,7 @@ import (
 	"github.com/lkarlslund/adalanche/modules/ui"
 )
 
-var EdgeMemberOfGroup = NewEdge("MemberOfGroup") // FIXME, this should be generalized to expand-anyway-priority somehoe
+var EdgeMemberOfGroup = NewEdge("MemberOfGroup")
 
 var SortBy Attribute = NonExistingAttribute
 

diff --git a/modules/engine/attributes.go b/modules/engine/attributes.go
@@ -63,7 +63,7 @@ var (
 	ObjectSid             = NewAttribute("objectSid").Single() // Strange yes, but in the final results there are multiple objects with the same SID
 	ObjectGUID            = NewAttribute("objectGUID").Single().Unique()
 	NTSecurityDescriptor  = NewAttribute("nTSecurityDescriptor").Single()
-	SchemaIDGUID          = NewAttribute("schemaIDGUID") // Dirty, needs proper FIXME for multi domain
+	SchemaIDGUID          = NewAttribute("schemaIDGUID")
 	RightsGUID            = NewAttribute("rightsGUID")
 	AttributeSecurityGUID = NewAttribute("attributeSecurityGUID")
 

diff --git a/modules/engine/attributevalue.go b/modules/engine/attributevalue.go
@@ -13,46 +13,44 @@ import (
 )
 
 func CompareAttributeValues(a, b AttributeValue) bool {
-	araw := a.Raw()
-	braw := b.Raw()
-	switch na := araw.(type) {
-	case bool:
-		nb, btype := braw.(bool)
+	switch na := a.(type) {
+	case AttributeValueBool:
+		nb, btype := b.(AttributeValueBool)
 		if btype {
 			return na == nb
 		}
-	case string:
-		nb, btype := braw.(string)
+	case AttributeValueString:
+		nb, btype := b.(AttributeValueString)
 		if btype {
-			return strings.EqualFold(na, nb)
+			return strings.EqualFold(string(na), string(nb))
 		}
-	case int64:
-		nb, btype := braw.(int64)
+	case AttributeValueInt:
+		nb, btype := b.(AttributeValueInt)
 		if btype {
 			return na == nb
 		}
-	case time.Time:
-		nb, btype := braw.(time.Time)
+	case AttributeValueTime:
+		nb, btype := b.(AttributeValueTime)
 		if btype {
-			return na.Equal(nb)
+			return time.Time(na).Equal(time.Time(nb))
 		}
-	case []byte:
-		nb, btype := braw.([]byte)
+	case AttributeValueBlob:
+		nb, btype := b.(AttributeValueBlob)
 		if btype {
-			return bytes.Equal(na, nb)
+			return bytes.Equal([]byte(na), []byte(nb))
 		}
-	case windowssecurity.SID:
-		nb, btype := braw.(windowssecurity.SID)
+	case AttributeValueSID:
+		nb, btype := b.(AttributeValueSID)
 		if btype {
 			return string(na) == string(nb)
 		}
-	case uuid.UUID:
-		nb, btype := braw.(uuid.UUID)
+	case AttributeValueGUID:
+		nb, btype := b.(AttributeValueGUID)
 		if btype {
 			return na == nb
 		}
-	case *Object:
-		nb, btype := braw.(*Object)
+	case AttributeValueObject:
+		nb, btype := b.(AttributeValueObject)
 		if btype {
 			return na == nb // Exact same object pointed to in memory
 		}
@@ -171,6 +169,7 @@ type AttributeValue interface {
 	String() string
 	Raw() interface{}
 	IsZero() bool
+	// Compare(other AttributeValue) bool
 }
 
 type AttributeValueObject struct {
@@ -189,7 +188,7 @@ func (avo AttributeValueObject) IsZero() bool {
 	if avo.Object == nil {
 		return true
 	}
-	return len(avo.values) == 0
+	return avo.values.Len() == 0
 }
 
 type AttributeValueString string

diff --git a/modules/engine/attributevaluemap.go b/modules/engine/attributevaluemap.go
@@ -1,20 +1,77 @@
 package engine
 
-type AttributeValueMap map[Attribute]AttributeValues
-
-func NewAttributeValueMap() AttributeValueMap {
-	return make(AttributeValueMap)
+type AttributeValueMap struct {
+	m map[Attribute]AttributeValues
+	// firstattribute Attribute
+	// data           []AttributeValues
 }
 
 func (avm AttributeValueMap) Get(a Attribute) (av AttributeValues, found bool) {
-	av, found = avm[a]
+	if avm.m == nil {
+		return nil, false
+	}
+	av, found = avm.m[a]
 	return
+	// if a < avm.firstattribute || int(a-avm.firstattribute) >= len(avm.data) {
+	// 	return nil, false
+	// }
+	// result := avm.data[a-avm.firstattribute]
+	// return result, result != nil
+}
+
+func (avm *AttributeValueMap) Set(a Attribute, av AttributeValues) {
+	if avm.m == nil {
+		avm.m = make(map[Attribute]AttributeValues)
+	}
+	avm.m[a] = av
+	// if len(avm.data) == 0 {
+	// 	avm.firstattribute = a
+	// 	avm.data = make([]AttributeValues, 1)
+	// 	avm.data[0] = av
+	// } else if a < avm.firstattribute {
+	// 	shift := int(avm.firstattribute - a)
+	// 	newdata := make([]AttributeValues, len(avm.data)+shift, len(avm.data)+shift)
+	// 	copy(newdata[shift:], avm.data)
+	// 	avm.data = newdata
+	// 	avm.firstattribute = a
+	// } else if int(a-avm.firstattribute) >= len(avm.data) {
+	// 	add := int(a-avm.firstattribute) - len(avm.data) + 1
+	// 	newdata := make([]AttributeValues, len(avm.data)+add, len(avm.data)+add)
+	// 	copy(newdata, avm.data)
+	// 	avm.data = newdata
+	// }
+	// avm.data[a-avm.firstattribute] = av
+}
+
+func (avm AttributeValueMap) Len() int {
+	return len(avm.m)
+	// var count int
+	// for _, v := range avm.data {
+	// 	if v != nil {
+	// 		count++
+	// 	}
+	// }
+	// return count
 }
 
-func (avm AttributeValueMap) Set(a Attribute, av AttributeValues) {
-	avm[a] = av
+func (avm *AttributeValueMap) Clear(a Attribute) {
+	if avm.m != nil {
+		delete(avm.m, a)
+	}
+	// avm.data[a-avm.firstattribute] = nil
 }
 
-func (avm AttributeValueMap) Clear(a Attribute) {
-	delete(avm, a)
+func (avm AttributeValueMap) Iterate(f func(attr Attribute, values AttributeValues) bool) {
+	for attr, values := range avm.m {
+		if !f(attr, values) {
+			break
+		}
+	}
+	// for i, values := range avm.data {
+	// 	if values != nil {
+	// 		if !f(avm.firstattribute+Attribute(i), values) {
+	// 			break
+	// 		}
+	// 	}
+	// }
 }
diff --git a/modules/engine/edge.go b/modules/engine/edge.go
@@ -15,7 +15,7 @@ type EdgeAnalyzer struct {
 
 // Increas this when we run out of space
 const PMBSIZE = 2
-const MAXPWNMETHODPOSSIBLE = PMBSIZE * 64
+const MAXEDGEPOSSIBLE = PMBSIZE * 64
 
 type EdgeBitmap [PMBSIZE]uint64
 type Probability int8
@@ -147,7 +147,7 @@ func NewEdge(name string) Edge {
 	}
 
 	newindex := Edge(len(edgeInfos))
-	if newindex == MAXPWNMETHODPOSSIBLE {
+	if newindex == MAXEDGEPOSSIBLE {
 		panic("Too many Edge definitions")
 	}
 
@@ -232,30 +232,22 @@ var (
 
 var AllEdgesBitmap EdgeBitmap
 
-var EdgePopularity [MAXPWNMETHODPOSSIBLE]uint64
+var EdgePopularity [MAXEDGEPOSSIBLE]uint64
 
 func init() {
-	for i := Edge(0); i < MAXPWNMETHODPOSSIBLE; i++ {
+	for i := Edge(0); i < MAXEDGEPOSSIBLE; i++ {
 		AllEdgesBitmap = AllEdgesBitmap.set(i)
 	}
 }
 
-/*
-type PwnMethodsAndProbabilities struct {
-	EdgeBitmap                 // Indicates if we have this method registered
-	probabilitymap  EdgeBitmap // Indicates if we have a probability set or should just return 100
-	probabilities   Probabilities
-}
-*/
-
 type EdgeDirection int
 
 const (
 	Out EdgeDirection = 0
 	In  EdgeDirection = 1
 )
 
-type EdgeConnections map[*Object]EdgeBitmap //sAndProbabilities
+type EdgeConnections map[*Object]EdgeBitmap
 
 var globalEdgeConnectionsLock sync.Mutex // Ugly but it will do