projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
silence some warnings.
[reactos.git] / reactos / lib / packet / Packet32.c
1 /*
2 * Copyright (c) 1999, 2000
3 * Politecnico di Torino. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the Politecnico
13 * di Torino, and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #define UNICODE 1
23
24 #include <windows.h>
25 #include <ddk/ntddndis.h>
26 #include <string.h>
27 #include <stdlib.h>
28
29 #include <packet32.h>
30 #include "trace.h"
31
32
33 /****** KERNEL Macro APIs ******************************************************/
34
35 #define GetInstanceModule(hInst) (HMODULE)(hInst)
36 #define GlobalPtrHandle(lp) ((HGLOBAL)GlobalHandle(lp))
37 #define GlobalLockPtr(lp) ((BOOL)GlobalLock(GlobalPtrHandle(lp)))
38 #define GlobalUnlockPtr(lp) GlobalUnlock(GlobalPtrHandle(lp))
39 #define GlobalAllocPtr(flags, cb) (GlobalLock(GlobalAlloc((flags), (cb))))
40 #define GlobalReAllocPtr(lp, cbNew, flags) (GlobalUnlockPtr(lp), GlobalLock(GlobalReAlloc(GlobalPtrHandle(lp) , (cbNew), (flags))))
41 #define GlobalFreePtr(lp) (GlobalUnlockPtr(lp), (BOOL)(ULONG_PTR)GlobalFree(GlobalPtrHandle(lp)))
42
43 #undef GMEM_MOVEABLE
44 #define GMEM_MOVEABLE 0
45
46
47
48 /// Title of error windows
49 TCHAR szWindowTitle[] = TEXT("PACKET.DLL");
50
51 #if DBG
52 #define ODS(_x) OutputDebugString(TEXT(_x))
53 //#define ODSEx(_x, _y)
54 #define ODSEx TRACE
55 #else
56 #ifdef _DEBUG_TO_FILE
57 #include <stdio.h>
58 /*!
59 \brief Macro to print a debug string. The behavior differs depending on the debug level
60 */
61 #define ODS(_x) { \
62 FILE *f; \
63 f = fopen("winpcap_debug.txt", "a"); \
64 fprintf(f, "%s", _x); \
65 fclose(f); \
66 }
67 /*!
68 \brief Macro to print debug data with the printf convention. The behavior differs depending on
69 the debug level
70 */
71 #define ODSEx(_x, _y) { \
72 FILE *f; \
73 f = fopen("winpcap_debug.txt", "a"); \
74 fprintf(f, _x, _y); \
75 fclose(f); \
76 }
77
78 LONG PacketDumpRegistryKey(PCHAR KeyName, PCHAR FileName);
79 #else
80 #define ODS(_x)
81 #define ODSEx(_x, _y)
82 #endif
83 #endif
84
85 //service handles
86 SC_HANDLE scmHandle = NULL;
87 SC_HANDLE srvHandle = NULL;
88 LPCTSTR NPFServiceName = TEXT("NPF");
89 LPCTSTR NPFServiceDesc = TEXT("Netgroup Packet Filter");
90 LPCTSTR NPFDriverName = TEXT("\\npf.sys");
91 LPCTSTR NPFRegistryLocation = TEXT("SYSTEM\\ControlSet001\\Services\\NPF");
92
93
94 //---------------------------------------------------------------------------
95
96 /*!
97 \brief The main dll function.
98 */
99
100 BOOL APIENTRY DllMain (HANDLE DllHandle,DWORD Reason,LPVOID lpReserved)
101 {
102 BOOLEAN Status=TRUE;
103
104 switch ( Reason )
105 {
106 case DLL_PROCESS_ATTACH:
107
108 ODS("\n************Packet32: DllMain************\n");
109
110 #ifdef _DEBUG_TO_FILE
111 // dump a bunch of registry keys useful for debug to file
112 PacketDumpRegistryKey("HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Class\\{4D36E972-E325-11CE-BFC1-08002BE10318}",
113 "adapters.reg");
114 PacketDumpRegistryKey("HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Tcpip",
115 "tcpip.reg");
116 PacketDumpRegistryKey("HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\NPF",
117 "npf.reg");
118 PacketDumpRegistryKey("HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services",
119 "services.reg");
120 #endif
121 break;
122
123 case DLL_PROCESS_DETACH:
124 break;
125
126 default:
127 break;
128 }
129
130 return Status;
131 }
132
133 /*!
134 \brief Converts an ASCII string to UNICODE. Uses the MultiByteToWideChar() system function.
135 \param string The string to convert.
136 \return The converted string.
137 */
138
139 WCHAR* SChar2WChar(char* string)
140 {
141 WCHAR* TmpStr;
142 TmpStr=(WCHAR*) malloc ((strlen(string)+2)*sizeof(WCHAR));
143
144 MultiByteToWideChar(CP_ACP, 0, string, -1, TmpStr, (strlen(string)+2));
145
146 return TmpStr;
147 }
148
149 /*!
150 \brief Sets the maximum possible lookahead buffer for the driver's Packet_tap() function.
151 \param AdapterObject Handle to the service control manager.
152 \return If the function succeeds, the return value is nonzero.
153
154 The lookahead buffer is the portion of packet that Packet_tap() can access from the NIC driver's memory
155 without performing a copy. This function tries to increase the size of that buffer.
156 */
157
158 BOOLEAN PacketSetMaxLookaheadsize (LPADAPTER AdapterObject)
159 {
160 BOOLEAN Status;
161 ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA)+sizeof(ULONG)-1);
162 PPACKET_OID_DATA OidData;
163
164 OidData=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,IoCtlBufferLength);
165 if (OidData == NULL) {
166 ODS("PacketSetMaxLookaheadsize failed\n");
167 return FALSE;
168 }
169
170 //set the size of the lookahead buffer to the maximum available by the the NIC driver
171 OidData->Oid=OID_GEN_MAXIMUM_LOOKAHEAD;
172 OidData->Length=sizeof(ULONG);
173 Status=PacketRequest(AdapterObject,FALSE,OidData);
174 OidData->Oid=OID_GEN_CURRENT_LOOKAHEAD;
175 Status=PacketRequest(AdapterObject,TRUE,OidData);
176 GlobalFreePtr(OidData);
177 return Status;
178 }
179
180 /*!
181 \brief Retrieves the event associated in the driver with a capture instance and stores it in an
182 _ADAPTER structure.
183 \param AdapterObject Handle to the service control manager.
184 \return If the function succeeds, the return value is nonzero.
185
186 This function is used by PacketOpenAdapter() to retrieve the read event from the driver by means of an ioctl
187 call and set it in the _ADAPTER structure pointed by AdapterObject.
188 */
189
190 BOOLEAN PacketSetReadEvt(LPADAPTER AdapterObject)
191 {
192 DWORD BytesReturned;
193 WCHAR EventName[39];
194
195 // this tells the terminal service to retrieve the event from the global namespace
196 wcsncpy(EventName,L"Global\\",sizeof(L"Global\\"));
197
198 // retrieve the name of the shared event from the driver
199 if(DeviceIoControl(AdapterObject->hFile,pBIOCEVNAME,NULL,0,EventName+7,13*sizeof(TCHAR),&BytesReturned,NULL)==FALSE) return FALSE;
200
201 EventName[20]=0; // terminate the string
202
203 // open the shared event
204 AdapterObject->ReadEvent=CreateEventW(NULL,
205 TRUE,
206 FALSE,
207 EventName);
208
209 // in NT4 "Global\" is not automatically ignored: try to use simply the event name
210 if(GetLastError()!=ERROR_ALREADY_EXISTS){
211 if(AdapterObject->ReadEvent != NULL)
212 CloseHandle(AdapterObject->ReadEvent);
213
214 // open the shared event
215 AdapterObject->ReadEvent=CreateEventW(NULL,
216 TRUE,
217 FALSE,
218 EventName+7);
219 }
220
221 if(AdapterObject->ReadEvent==NULL || GetLastError()!=ERROR_ALREADY_EXISTS){
222 ODS("PacketSetReadEvt: error retrieving the event from the kernel\n");
223 return FALSE;
224 }
225
226 AdapterObject->ReadTimeOut=0;
227
228 return TRUE;
229
230 }
231
232 /*!
233 \brief Installs the NPF device driver.
234 \param ascmHandle Handle to the service control manager.
235 \param ascmHandle A pointer to a handle that will receive the pointer to the driver's service.
236 \param driverPath The full path of the .sys file to load.
237 \return If the function succeeds, the return value is nonzero.
238
239 This function installs the driver's service in the system using the CreateService function.
240 */
241
242 BOOL PacketInstallDriver(SC_HANDLE ascmHandle, SC_HANDLE* srvHandle, TCHAR* driverPath)
243 {
244 BOOL result = FALSE;
245 ULONG err;
246
247 ODS("installdriver\n");
248
249 if (GetFileAttributes(driverPath) != 0xffffffff) {
250 *srvHandle = CreateService(ascmHandle,
251 NPFServiceName,
252 NPFServiceDesc,
253 SERVICE_ALL_ACCESS,
254 SERVICE_KERNEL_DRIVER,
255 SERVICE_DEMAND_START,
256 SERVICE_ERROR_NORMAL,
257 driverPath,
258 NULL, NULL, NULL, NULL, NULL);
259 if (*srvHandle == NULL) {
260 if (GetLastError() == ERROR_SERVICE_EXISTS) {
261 //npf.sys already existed
262 result = TRUE;
263 }
264 } else {
265 //Created service for npf.sys
266 result = TRUE;
267 }
268 }
269 if (result == TRUE) {
270 if (*srvHandle != NULL) {
271 CloseServiceHandle(*srvHandle);
272 }
273 }
274
275 if (result == FALSE){
276 err = GetLastError();
277 if (err != 2) {
278 ODSEx("PacketInstallDriver failed, Error=%d\n",err);
279 }
280 }
281 return result;
282
283 }
284
285 /*!
286 \brief Convert a Unicode dotted-quad to a 32-bit IP address.
287 \param cp A string containing the address.
288 \return the converted 32-bit numeric address.
289
290 Doesn't check to make sure the address is valid.
291 */
292
293
294 ULONG inet_addrU(const WCHAR *cp)
295 {
296 ULONG val, part;
297 WCHAR c;
298 int i;
299
300 val = 0;
301 for (i = 0; i < 4; i++) {
302 part = 0;
303 while ((c = *cp++) != '\0' && c != '.') {
304 if (c < '0' || c > '9')
305 return -1;
306 part = part*10 + (c - '0');
307 }
308 if (part > 255)
309 return -1;
310 val = val | (part << i*8);
311 if (i == 3) {
312 if (c != '\0')
313 return -1; // extra gunk at end of string
314 } else {
315 if (c == '\0')
316 return -1; // string ends early
317 }
318 }
319 return val;
320 }
321
322 /*!
323 \brief Dumps a registry key to disk in text format. Uses regedit.
324 \param KeyName Name of the ket to dump. All its subkeys will be saved recursively.
325 \param FileName Name of the file that will contain the dump.
326 \return If the function succeeds, the return value is nonzero.
327
328 For debugging purposes, we use this function to obtain some registry keys from the user's machine.
329 */
330
331 #ifdef _DEBUG_TO_FILE
332
333 LONG PacketDumpRegistryKey(PCHAR KeyName, PCHAR FileName)
334 {
335 CHAR Command[256];
336
337 strcpy(Command, "regedit /e ");
338 strcat(Command, FileName);
339 strcat(Command, " ");
340 strcat(Command, KeyName);
341
342 /// Let regedit do the dirt work for us
343 system(Command);
344
345 return TRUE;
346 }
347 #endif
348
349 //---------------------------------------------------------------------------
350 // PUBLIC API
351 //---------------------------------------------------------------------------
352
353 /** @ingroup packetapi
354 * @{
355 */
356
357 /** @defgroup packet32 Packet.dll exported functions and variables
358 * @{
359 */
360
361 /// Current packet.dll Version. It can be retrieved directly or through the PacketGetVersion() function.
362 char PacketLibraryVersion[] = "2.3";
363
364 /*!
365 \brief Returns a string with the dll version.
366 \return A char pointer to the version of the library.
367 */
368 PCHAR PacketGetVersion(){
369 return PacketLibraryVersion;
370 }
371
372 /*!
373 \brief Returns information about the MAC type of an adapter.
374 \param AdapterObject The adapter on which information is needed.
375 \param type Pointer to a NetType structure that will be filled by the function.
376 \return If the function succeeds, the return value is nonzero, otherwise the return value is zero.
377
378 This function return the link layer technology and the speed (in bps) of an opened adapter.
379 The LinkType field of the type parameter can have one of the following values:
380
381 - NdisMedium802_3: Ethernet (802.3)
382 - NdisMediumWan: WAN
383 - NdisMedium802_5: Token Ring (802.5)
384 - NdisMediumFddi: FDDI
385 - NdisMediumAtm: ATM
386 - NdisMediumArcnet878_2: ARCNET (878.2)
387 */
388 BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type)
389 {
390 BOOLEAN Status;
391 ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA)+sizeof(ULONG)-1);
392 PPACKET_OID_DATA OidData;
393
394 OidData=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,IoCtlBufferLength);
395 if (OidData == NULL) {
396 ODS("PacketGetNetType failed\n");
397 return FALSE;
398 }
399 //get the link-layer type
400 OidData->Oid = OID_GEN_MEDIA_IN_USE;
401 OidData->Length = sizeof (ULONG);
402 Status = PacketRequest(AdapterObject,FALSE,OidData);
403 type->LinkType=*((UINT*)OidData->Data);
404
405 //get the link-layer speed
406 OidData->Oid = OID_GEN_LINK_SPEED;
407 OidData->Length = sizeof (ULONG);
408 Status = PacketRequest(AdapterObject,FALSE,OidData);
409 type->LinkSpeed=*((UINT*)OidData->Data)*100;
410 GlobalFreePtr (OidData);
411
412 ODSEx("Media:%d ",type->LinkType);
413 ODSEx("Speed=%d\n",type->LinkSpeed);
414
415 return Status;
416 }
417
418 /*!
419 \brief Stops and unloads the WinPcap device driver.
420 \return If the function succeeds, the return value is nonzero, otherwise it is zero.
421
422 This function can be used to unload the driver from memory when the application no more needs it.
423 Note that the driver is physically stopped and unloaded only when all the files on its devices
424 are closed, i.e. when all the applications that use WinPcap close all their adapters.
425 */
426 BOOL PacketStopDriver()
427 {
428 SC_HANDLE scmHandle;
429 SC_HANDLE schService;
430 BOOL ret;
431 SERVICE_STATUS serviceStatus;
432
433 scmHandle = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
434
435 if(scmHandle != NULL){
436
437 schService = OpenService (scmHandle,
438 NPFServiceName,
439 SERVICE_ALL_ACCESS
440 );
441
442 if (schService != NULL)
443 {
444
445 ret = ControlService (schService,
446 SERVICE_CONTROL_STOP,
447 &serviceStatus
448 );
449 if (!ret)
450 {
451 }
452
453 CloseServiceHandle (schService);
454
455 CloseServiceHandle(scmHandle);
456
457 return ret;
458 }
459 }
460
461 return FALSE;
462
463 }
464
465 /*!
466 \brief Opens an adapter.
467 \param AdapterName A string containing the name of the device to open.
468 Use the PacketGetAdapterNames() function to retrieve the list of available devices.
469 \return If the function succeeds, the return value is the pointer to a properly initialized ADAPTER object,
470 otherwise the return value is NULL.
471
472 This function tries to load and start the packet driver at the first invocation. In this way,
473 the management of the driver is transparent to the application, that simply needs to open an adapter to start
474 WinPcap.
475
476 \note the Windows 95 version of the NPF driver works with the ASCII string format, while the Windows NT
477 version works with UNICODE. Therefore, AdapterName \b should be an ASCII string in Windows 95, and a UNICODE
478 string in Windows NT. This difference is not a problem if the string pointed by AdapterName was obtained
479 through the PacketGetAdapterNames function, because it returns the names of the adapters in the proper format.
480 Problems can arise in Windows NT when the string is obtained from ANSI C functions like scanf, because they
481 use the ASCII format. Since this could be a relevant problem during the porting of command-line applications
482 from UNIX, we included in the Windows NT version of PacketOpenAdapter the ability to detect ASCII strings and
483 convert them to UNICODE before sending them to the device driver. Therefore PacketOpenAdapter in Windows NT
484 accepts both the ASCII and the UNICODE format. If a ASCII string is received, it is converted to UNICODE
485 by PACKET.DLL before being passed to the driver.
486 */
487 LPADAPTER PacketOpenAdapter(LPTSTR AdapterName)
488 {
489 LPADAPTER lpAdapter;
490 BOOLEAN Result;
491 char *AdapterNameA;
492 WCHAR *AdapterNameU;
493 DWORD error;
494 SC_HANDLE svcHandle = NULL;
495 TCHAR driverPath[512];
496 TCHAR WinPath[256];
497 LONG KeyRes;
498 HKEY PathKey;
499 SERVICE_STATUS SStat;
500 BOOLEAN QuerySStat;
501 WCHAR SymbolicLink[128];
502
503 ODSEx("PacketOpenAdapter: trying to open the adapter=%S\n",AdapterName);
504
505 scmHandle = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
506 if(scmHandle == NULL){
507 error = GetLastError();
508 ODSEx("OpenSCManager failed! Error=%d\n", error);
509 } else {
510 *driverPath = 0;
511 GetCurrentDirectory(512, driverPath);
512 wsprintf(driverPath + wcslen(driverPath), NPFDriverName);
513
514 // check if the NPF registry key is already present
515 // this means that the driver is already installed and that we don't need to call PacketInstallDriver
516 KeyRes=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
517 NPFRegistryLocation,
518 0,
519 KEY_READ,
520 &PathKey);
521
522 if(KeyRes != ERROR_SUCCESS){
523 Result = PacketInstallDriver(scmHandle,&svcHandle,driverPath);
524 } else {
525 Result = TRUE;
526 RegCloseKey(PathKey);
527 }
528
529 if (Result) {
530
531 srvHandle = OpenService(scmHandle, NPFServiceName, SERVICE_START | SERVICE_QUERY_STATUS );
532 if (srvHandle != NULL){
533
534 QuerySStat = QueryServiceStatus(srvHandle, &SStat);
535 ODSEx("The status of the driver is:%d\n",SStat.dwCurrentState);
536
537 if (!QuerySStat || SStat.dwCurrentState != SERVICE_RUNNING){
538 ODS("Calling startservice\n");
539 if (StartService(srvHandle, 0, NULL)==0){
540 error = GetLastError();
541 if (error!=ERROR_SERVICE_ALREADY_RUNNING && error!=ERROR_ALREADY_EXISTS){
542 SetLastError(error);
543 if (scmHandle != NULL) CloseServiceHandle(scmHandle);
544 error = GetLastError();
545 ODSEx("PacketOpenAdapter: StartService failed, Error=%d\n",error);
546 return NULL;
547 }
548 }
549 }
550 } else {
551 error = GetLastError();
552 ODSEx("OpenService failed! Error=%d", error);
553 }
554 } else {
555 if (GetSystemDirectory(WinPath, sizeof(WinPath)/sizeof(TCHAR)) == 0) {
556 return FALSE;
557 }
558 wsprintf(driverPath, TEXT("%s\\drivers%s"), WinPath, NPFDriverName);
559
560 if (KeyRes != ERROR_SUCCESS) {
561 Result = PacketInstallDriver(scmHandle,&svcHandle,driverPath);
562 } else {
563 Result = TRUE;
564 }
565 if (Result) {
566 srvHandle = OpenService(scmHandle,NPFServiceName,SERVICE_START);
567 if (srvHandle != NULL) {
568 QuerySStat = QueryServiceStatus(srvHandle, &SStat);
569 ODSEx("The status of the driver is:%d\n",SStat.dwCurrentState);
570 if (!QuerySStat || SStat.dwCurrentState != SERVICE_RUNNING) {
571 ODS("Calling startservice\n");
572 if (StartService(srvHandle, 0, NULL) == 0) {
573 error = GetLastError();
574 if (error != ERROR_SERVICE_ALREADY_RUNNING && error!=ERROR_ALREADY_EXISTS) {
575 SetLastError(error);
576 if (scmHandle != NULL) CloseServiceHandle(scmHandle);
577 ODSEx("PacketOpenAdapter: StartService failed, Error=%d\n",error);
578 return NULL;
579 }
580 }
581 }
582 } else {
583 error = GetLastError();
584 ODSEx("OpenService failed! Error=%d", error);
585 }
586 }
587 }
588 }
589 if (scmHandle != NULL) CloseServiceHandle(scmHandle);
590
591 AdapterNameA = (char*)AdapterName;
592 if (AdapterNameA[1] != 0) { // ASCII
593 AdapterNameU = SChar2WChar(AdapterNameA);
594 AdapterName = AdapterNameU;
595 } else { // Unicode
596 AdapterNameU = NULL;
597 }
598
599 lpAdapter = (LPADAPTER)GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,sizeof(ADAPTER));
600 if (lpAdapter == NULL) {
601 ODS("PacketOpenAdapter: GlobalAlloc Failed\n");
602 error = GetLastError();
603 if (AdapterNameU != NULL) free(AdapterNameU);
604 //set the error to the one on which we failed
605 SetLastError(error);
606 ODS("PacketOpenAdapter: Failed to allocate the adapter structure\n");
607 return NULL;
608 }
609 lpAdapter->NumWrites = 1;
610
611 wsprintf(SymbolicLink,TEXT("\\\\.\\%s%s"), DOSNAMEPREFIX, &AdapterName[8]);
612
613 // Copy only the bytes that fit in the adapter structure.
614 // Note that lpAdapter->SymbolicLink is present for backward compatibility but will
615 // never be used by the apps
616 memcpy(lpAdapter->SymbolicLink, (PCHAR)SymbolicLink, MAX_LINK_NAME_LENGTH);
617
618 //try if it is possible to open the adapter immediately
619 lpAdapter->hFile = CreateFile(SymbolicLink,GENERIC_WRITE | GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);
620
621 if (lpAdapter->hFile != INVALID_HANDLE_VALUE) {
622 ODSEx("PacketOpenAdapter: CreateFile(%S) successfull\n", SymbolicLink);
623 if (PacketSetReadEvt(lpAdapter) == FALSE) {
624 error = GetLastError();
625 ODS("PacketOpenAdapter: Unable to open the read event\n");
626 if (AdapterNameU != NULL)
627 free(AdapterNameU);
628 GlobalFreePtr(lpAdapter);
629 //set the error to the one on which we failed
630 SetLastError(error);
631 ODSEx("PacketOpenAdapter: PacketSetReadEvt failed, Error=%d\n",error);
632 return NULL;
633 }
634
635 PacketSetMaxLookaheadsize(lpAdapter);
636 if (AdapterNameU != NULL)
637 free(AdapterNameU);
638 return lpAdapter;
639 }
640 //this is probably the first request on the packet driver.
641 //We must create the dos device and set the access rights on it
642 else {
643 Result = DefineDosDevice(DDD_RAW_TARGET_PATH,
644 &SymbolicLink[4],
645 AdapterName);
646 if (Result) {
647
648 ODSEx("PacketOpenAdapter: calling CreateFile(%S)\n", SymbolicLink);
649
650 lpAdapter->hFile = CreateFile(
651 SymbolicLink,
652 GENERIC_WRITE | GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);
653 if (lpAdapter->hFile != INVALID_HANDLE_VALUE) {
654 if (PacketSetReadEvt(lpAdapter) == FALSE) {
655 error = GetLastError();
656 ODS("PacketOpenAdapter: Unable to open the read event\n");
657 if (AdapterNameU != NULL)
658 free(AdapterNameU);
659 GlobalFreePtr(lpAdapter);
660 //set the error to the one on which we failed
661 SetLastError(error);
662 ODSEx("PacketOpenAdapter: PacketSetReadEvt failed, Error=1,%d\n",error);
663 return NULL;
664 }
665 PacketSetMaxLookaheadsize(lpAdapter);
666 if (AdapterNameU != NULL)
667 free(AdapterNameU);
668 return lpAdapter;
669 } else {
670 ODS("PacketOpenAdapter: CreateFile failed\n");
671 }
672 } else {
673 ODSEx("PacketOpenAdapter: DefineDosDevice(%S) failed\n", &SymbolicLink[4]);
674 }
675 }
676 error = GetLastError();
677 if (AdapterNameU != NULL)
678 free(AdapterNameU);
679 GlobalFreePtr(lpAdapter);
680 //set the error to the one on which we failed
681 SetLastError(error);
682 ODSEx("PacketOpenAdapter: CreateFile failed, Error=2,%d\n",error);
683 return NULL;
684
685 }
686
687 /*!
688 \brief Closes an adapter.
689 \param lpAdapter the pointer to the adapter to close.
690
691 PacketCloseAdapter closes the given adapter and frees the associated ADAPTER structure
692 */
693 VOID PacketCloseAdapter(LPADAPTER lpAdapter)
694 {
695 CloseHandle(lpAdapter->hFile);
696 SetEvent(lpAdapter->ReadEvent);
697 CloseHandle(lpAdapter->ReadEvent);
698 GlobalFreePtr(lpAdapter);
699 }
700
701 /*!
702 \brief Allocates a _PACKET structure.
703 \return On succeess, the return value is the pointer to a _PACKET structure otherwise the
704 return value is NULL.
705
706 The structure returned will be passed to the PacketReceivePacket() function to receive the
707 packets from the driver.
708
709 \warning The Buffer field of the _PACKET structure is not set by this function.
710 The buffer \b must be allocated by the application, and associated to the PACKET structure
711 with a call to PacketInitPacket.
712 */
713 LPPACKET PacketAllocatePacket(void)
714 {
715
716 LPPACKET lpPacket;
717 lpPacket = (LPPACKET)GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,sizeof(PACKET));
718 if (lpPacket == NULL) {
719 ODS("PacketAllocatePacket: GlobalAlloc Failed\n");
720 return NULL;
721 }
722 return lpPacket;
723 }
724
725 /*!
726 \brief Frees a _PACKET structure.
727 \param lpPacket The structure to free.
728
729 \warning the user-allocated buffer associated with the _PACKET structure is not deallocated
730 by this function and \b must be explicitly deallocated by the programmer.
731
732 */
733 VOID PacketFreePacket(LPPACKET lpPacket)
734 {
735 GlobalFreePtr(lpPacket);
736 }
737
738 /*!
739 \brief Initializes a _PACKET structure.
740 \param lpPacket The structure to initialize.
741 \param Buffer A pointer to a user-allocated buffer that will contain the captured data.
742 \param Length the length of the buffer. This is the maximum buffer size that will be
743 transferred from the driver to the application using a single read.
744
745 \note the size of the buffer associated with the PACKET structure is a parameter that can sensibly
746 influence the performance of the capture process, since this buffer will contain the packets received
747 from the the driver. The driver is able to return several packets using a single read call
748 (see the PacketReceivePacket() function for details), and the number of packets transferable to the
749 application in a call is limited only by the size of the buffer associated with the PACKET structure
750 passed to PacketReceivePacket(). Therefore setting a big buffer with PacketInitPacket can noticeably
751 decrease the number of system calls, reducing the impcat of the capture process on the processor.
752 */
753
754 VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length)
755 {
756 lpPacket->Buffer = Buffer;
757 lpPacket->Length = Length;
758 lpPacket->ulBytesReceived = 0;
759 lpPacket->bIoComplete = FALSE;
760 }
761
762 /*!
763 \brief Read data (packets or statistics) from the NPF driver.
764 \param AdapterObject Pointer to an _ADAPTER structure identifying the network adapter from which
765 the data is received.
766 \param lpPacket Pointer to a PACKET structure that will contain the data.
767 \param Sync This parameter is deprecated and will be ignored. It is present for compatibility with
768 older applications.
769 \return If the function succeeds, the return value is nonzero.
770
771 The data received with this function can be a group of packets or a static on the network traffic,
772 depending on the working mode of the driver. The working mode can be set with the PacketSetMode()
773 function. Give a look at that function if you are interested in the format used to return statistics
774 values, here only the normal capture mode will be described.
775
776 The number of packets received with this function is variable. It depends on the number of packets
777 currently stored in the driver\92s buffer, on the size of these packets and on the size of the buffer
778 associated to the lpPacket parameter. The following figure shows the format used by the driver to pass
779 packets to the application.
780
781 \image html encoding.gif "method used to encode the packets"
782
783 Packets are stored in the buffer associated with the lpPacket _PACKET structure. The Length field of
784 that structure is updated with the amount of data copied in the buffer. Each packet has a header
785 consisting in a bpf_hdr structure that defines its length and contains its timestamp. A padding field
786 is used to word-align the data in the buffer (to speed up the access to the packets). The bh_datalen
787 and bh_hdrlen fields of the bpf_hdr structures should be used to extract the packets from the buffer.
788
789 Examples can be seen either in the TestApp sample application (see the \ref packetsamps page) provided
790 in the developer's pack, or in the pcap_read() function of wpcap.
791 */
792 BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync)
793 {
794 BOOLEAN res;
795 if ((int)AdapterObject->ReadTimeOut != -1)
796 WaitForSingleObject(AdapterObject->ReadEvent, (AdapterObject->ReadTimeOut==0)?INFINITE:AdapterObject->ReadTimeOut);
797 res = ReadFile(AdapterObject->hFile, lpPacket->Buffer, lpPacket->Length, &lpPacket->ulBytesReceived,NULL);
798 return res;
799 }
800
801 /*!
802 \brief Sends one (or more) copies of a packet to the network.
803 \param AdapterObject Pointer to an _ADAPTER structure identifying the network adapter that will
804 send the packets.
805 \param lpPacket Pointer to a PACKET structure with the packet to send.
806 \param Sync This parameter is deprecated and will be ignored. It is present for compatibility with
807 older applications.
808 \return If the function succeeds, the return value is nonzero.
809
810 This function is used to send a raw packet to the network. 'Raw packet' means that the programmer
811 will have to include the protocol headers, since the packet is sent to the network 'as is'.
812 The CRC needs not to be calculated and put at the end of the packet, because it will be transparently
813 added by the network interface.
814
815 The behavior of this function is influenced by the PacketSetNumWrites() function. With PacketSetNumWrites(),
816 it is possible to change the number of times a single write must be repeated. The default is 1,
817 i.e. every call to PacketSendPacket() will correspond to one packet sent to the network. If this number is
818 greater than 1, for example 1000, every raw packet written by the application will be sent 1000 times on
819 the network. This feature mitigates the overhead of the context switches and therefore can be used to generate
820 high speed traffic. It is particularly useful for tools that test networks, routers, and servers and need
821 to obtain high network loads.
822 The optimized sending process is still limited to one packet at a time: for the moment it cannot be used
823 to send a buffer with multiple packets.
824
825 \note The ability to write multiple packets is currently present only in the Windows NTx version of the
826 packet driver. In Windows 95/98/ME it is emulated at user level in packet.dll. This means that an application
827 that uses the multiple write method will run in Windows 9x as well, but its performance will be very low
828 compared to the one of WindowsNTx.
829 */
830 BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync)
831 {
832 DWORD BytesTransfered;
833 return WriteFile(AdapterObject->hFile,lpPacket->Buffer,lpPacket->Length,&BytesTransfered,NULL);
834 }
835
836
837 /*!
838 \brief Sends a buffer of packets to the network.
839 \param AdapterObject Pointer to an _ADAPTER structure identifying the network adapter that will
840 send the packets.
841 \param PacketBuff Pointer to buffer with the packets to send.
842 \param Size Size of the buffer pointed by the PacketBuff argument.
843 \param Sync if TRUE, the packets are sent respecting the timestamps. If FALSE, the packets are sent as
844 fast as possible
845 \return The amount of bytes actually sent. If the return value is smaller than the Size parameter, an
846 error occurred during the send. The error can be caused by a driver/adapter problem or by an
847 inconsistent/bogus packet buffer.
848
849 This function is used to send a buffer of raw packets to the network. The buffer can contain an arbitrary
850 number of raw packets, each of which preceded by a dump_bpf_hdr structure. The dump_bpf_hdr is the same used
851 by WinPcap and libpcap to store the packets in a file, therefore sending a capture file is straightforward.
852 'Raw packets' means that the sending application will have to include the protocol headers, since every packet
853 is sent to the network 'as is'. The CRC of the packets needs not to be calculated, because it will be
854 transparently added by the network interface.
855
856 \note Using this function if more efficient than issuing a series of PacketSendPacket(), because the packets are
857 buffered in the kernel driver, so the number of context switches is reduced.
858
859 \note When Sync is set to TRUE, the packets are synchronized in the kerenl with a high precision timestamp.
860 This requires a remarkable amount of CPU, but allows to send the packets with a precision of some microseconds
861 (depending on the precision of the performance counter of the machine). Such a precision cannot be reached
862 sending the packets separately with PacketSendPacket().
863 */
864 INT PacketSendPackets(LPADAPTER AdapterObject, PVOID PacketBuff, ULONG Size, BOOLEAN Sync)
865 {
866 BOOLEAN Res;
867 DWORD BytesTransfered, TotBytesTransfered=0;
868 struct timeval BufStartTime;
869 LARGE_INTEGER StartTicks, CurTicks, TargetTicks, TimeFreq;
870
871
872 ODS("PacketSendPackets");
873
874 // Obtain starting timestamp of the buffer
875 BufStartTime.tv_sec = ((struct timeval*)(PacketBuff))->tv_sec;
876 BufStartTime.tv_usec = ((struct timeval*)(PacketBuff))->tv_usec;
877
878 // Retrieve the reference time counters
879 QueryPerformanceCounter(&StartTicks);
880 QueryPerformanceFrequency(&TimeFreq);
881
882 CurTicks.QuadPart = StartTicks.QuadPart;
883
884 do{
885 // Send the data to the driver
886 Res = DeviceIoControl(AdapterObject->hFile,
887 (Sync)?pBIOCSENDPACKETSSYNC:pBIOCSENDPACKETSNOSYNC,
888 (PCHAR)PacketBuff + TotBytesTransfered,
889 Size - TotBytesTransfered,
890 NULL,
891 0,
892 &BytesTransfered,
893 NULL);
894
895 TotBytesTransfered += BytesTransfered;
896
897 // calculate the time interval to wait before sending the next packet
898 TargetTicks.QuadPart = StartTicks.QuadPart +
899 (LONGLONG)
900 ((((struct timeval*)((PCHAR)PacketBuff + TotBytesTransfered))->tv_sec - BufStartTime.tv_sec) * 1000000 +
901 (((struct timeval*)((PCHAR)PacketBuff + TotBytesTransfered))->tv_usec - BufStartTime.tv_usec)) *
902 (TimeFreq.QuadPart) / 1000000;
903
904 // Exit from the loop on termination or error
905 if(TotBytesTransfered >= Size || Res != TRUE)
906 break;
907
908 // Wait until the time interval has elapsed
909 while( CurTicks.QuadPart <= TargetTicks.QuadPart )
910 QueryPerformanceCounter(&CurTicks);
911
912 }
913 while(TRUE);
914
915 return TotBytesTransfered;
916 }
917
918 /*!
919 \brief Defines the minimum amount of data that will be received in a read.
920 \param AdapterObject Pointer to an _ADAPTER structure
921 \param nbytes the minimum amount of data in the kernel buffer that will cause the driver to
922 release a read on this adapter.
923 \return If the function succeeds, the return value is nonzero.
924
925 In presence of a large value for nbytes, the kernel waits for the arrival of several packets before
926 copying the data to the user. This guarantees a low number of system calls, i.e. lower processor usage,
927 i.e. better performance, which is a good setting for applications like sniffers. Vice versa, a small value
928 means that the kernel will copy the packets as soon as the application is ready to receive them. This is
929 suggested for real time applications (like, for example, a bridge) that need the better responsiveness from
930 the kernel.
931
932 \b note: this function has effect only in Windows NTx. The driver for Windows 9x doesn't offer
933 this possibility, therefore PacketSetMinToCopy is implemented under these systems only for compatibility.
934 */
935
936 BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes)
937 {
938 DWORD BytesReturned;
939 return DeviceIoControl(AdapterObject->hFile,pBIOCSMINTOCOPY,&nbytes,4,NULL,0,&BytesReturned,NULL);
940 }
941
942 /*!
943 \brief Sets the working mode of an adapter.
944 \param AdapterObject Pointer to an _ADAPTER structure.
945 \param mode The new working mode of the adapter.
946 \return If the function succeeds, the return value is nonzero.
947
948 The device driver of WinPcap has 4 working modes:
949 - Capture mode (mode = PACKET_MODE_CAPT): normal capture mode. The packets transiting on the wire are copied
950 to the application when PacketReceivePacket() is called. This is the default working mode of an adapter.
951 - Statistical mode (mode = PACKET_MODE_STAT): programmable statistical mode. PacketReceivePacket() returns, at
952 precise intervals, statics values on the network traffic. The interval between the statistic samples is
953 by default 1 second but it can be set to any other value (with a 1 ms precision) with the
954 PacketSetReadTimeout() function. The data returned by PacketReceivePacket() when the adapter is in statistical
955 mode is shown in the following figure:<p>
956 \image html stats.gif "data structure returned by statistical mode"
957 Two 64-bit counters are provided: the number of packets and the amount of bytes that satisfy a filter
958 previously set with PacketSetBPF(). If no filter has been set, all the packets are counted. The counters are
959 encapsulated in a bpf_hdr structure, so that they will be parsed correctly by wpcap. Statistical mode has a
960 very low impact on system performance compared to capture mode.
961 - Dump mode (mode = PACKET_MODE_DUMP): the packets are dumped to disk by the driver, in libpcap format. This
962 method is much faster than saving the packets after having captured them. No data is returned
963 by PacketReceivePacket(). If the application sets a filter with PacketSetBPF(), only the packets that satisfy
964 this filter are dumped to disk.
965 - Statitical Dump mode (mode = PACKET_MODE_STAT_DUMP): the packets are dumped to disk by the driver, in libpcap
966 format, like in dump mode. PacketReceivePacket() returns, at precise intervals, statics values on the
967 network traffic and on the amount of data saved to file, in a way similar to statistical mode.
968 The data returned by PacketReceivePacket() when the adapter is in statistical dump mode is shown in
969 the following figure:<p>
970 \image html dump.gif "data structure returned by statistical dump mode"
971 Three 64-bit counters are provided: the number of packets accepted, the amount of bytes accepted and the
972 effective amount of data (including headers) dumped to file. If no filter has been set, all the packets are
973 dumped to disk. The counters are encapsulated in a bpf_hdr structure, so that they will be parsed correctly
974 by wpcap.
975 Look at the NetMeter example in the
976 WinPcap developer's pack to see how to use statistics mode.
977 */
978 BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode)
979 {
980 DWORD BytesReturned;
981 return DeviceIoControl(AdapterObject->hFile,pBIOCSMODE,&mode,4,NULL,0,&BytesReturned,NULL);
982 }
983
984 /*!
985 \brief Sets the name of the file that will receive the packet when the adapter is in dump mode.
986 \param AdapterObject Pointer to an _ADAPTER structure.
987 \param name the file name, in ASCII or UNICODE.
988 \param len the length of the buffer containing the name, in bytes.
989 \return If the function succeeds, the return value is nonzero.
990
991 This function defines the file name that the driver will open to store the packets on disk when
992 it works in dump mode. The adapter must be in dump mode, i.e. PacketSetMode() should have been
993 called previously with mode = PACKET_MODE_DUMP. otherwise this function will fail.
994 If PacketSetDumpName was already invoked on the adapter pointed by AdapterObject, the driver
995 closes the old file and opens the new one.
996 */
997
998 BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len)
999 {
1000 DWORD BytesReturned;
1001 WCHAR *FileName;
1002 BOOLEAN res;
1003 WCHAR NameWithPath[1024];
1004 int TStrLen;
1005 WCHAR *NamePos;
1006
1007 if(((PUCHAR)name)[1]!=0 && len>1){ //ASCII
1008 FileName=SChar2WChar(name);
1009 len*=2;
1010 }
1011 else { //Unicode
1012 FileName=name;
1013 }
1014
1015 TStrLen=GetFullPathName(FileName,1024,NameWithPath,&NamePos);
1016
1017 len=TStrLen*2+2; //add the terminating null character
1018
1019 // Try to catch malformed strings
1020 if(len>2048){
1021 if(((PUCHAR)name)[1]!=0 && len>1) free(FileName);
1022 return FALSE;
1023 }
1024
1025 res = DeviceIoControl(AdapterObject->hFile,pBIOCSETDUMPFILENAME,NameWithPath,len,NULL,0,&BytesReturned,NULL);
1026 free(FileName);
1027 return res;
1028 }
1029
1030 /*!
1031 \brief Set the dump mode limits.
1032 \param AdapterObject Pointer to an _ADAPTER structure.
1033 \param maxfilesize The maximum dimension of the dump file, in bytes. 0 means no limit.
1034 \param maxnpacks The maximum number of packets contained in the dump file. 0 means no limit.
1035 \return If the function succeeds, the return value is nonzero.
1036
1037 This function sets the limits after which the NPF driver stops to save the packets to file when an adapter
1038 is in dump mode. This allows to limit the dump file to a precise number of bytes or packets, avoiding that
1039 very long dumps fill the disk space. If both maxfilesize and maxnpacks are set, the dump is stopped when
1040 the first of the two is reached.
1041
1042 \note When a limit is reached, the dump is stopped, but the file remains opened. In order to flush
1043 correctly the data and access the file consistently, you need to close the adapter with PacketCloseAdapter().
1044 */
1045 BOOLEAN PacketSetDumpLimits(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks)
1046 {
1047 DWORD BytesReturned;
1048 UINT valbuff[2];
1049
1050 valbuff[0] = maxfilesize;
1051 valbuff[1] = maxnpacks;
1052
1053 return DeviceIoControl(AdapterObject->hFile,
1054 pBIOCSETDUMPLIMITS,
1055 valbuff,
1056 sizeof valbuff,
1057 NULL,
1058 0,
1059 &BytesReturned,
1060 NULL);
1061 }
1062
1063 /*!
1064 \brief Returns the status of the kernel dump process, i.e. tells if one of the limits defined with PacketSetDumpLimits() was reached.
1065 \param AdapterObject Pointer to an _ADAPTER structure.
1066 \param sync if TRUE, the function blocks until the dump is finished, otherwise it returns immediately.
1067 \return TRUE if the dump is ended, FALSE otherwise.
1068
1069 PacketIsDumpEnded() informs the user about the limits that were set with a previous call to
1070 PacketSetDumpLimits().
1071
1072 \warning If no calls to PacketSetDumpLimits() were performed or if the dump process has no limits
1073 (i.e. if the arguments of the last call to PacketSetDumpLimits() were both 0), setting sync to TRUE will
1074 block the application on this call forever.
1075 */
1076 BOOLEAN PacketIsDumpEnded(LPADAPTER AdapterObject, BOOLEAN sync)
1077 {
1078 DWORD BytesReturned;
1079 int IsDumpEnded;
1080 BOOLEAN res;
1081
1082 if(sync)
1083 WaitForSingleObject(AdapterObject->ReadEvent, INFINITE);
1084
1085 res = DeviceIoControl(AdapterObject->hFile,
1086 pBIOCISDUMPENDED,
1087 NULL,
1088 0,
1089 &IsDumpEnded,
1090 4,
1091 &BytesReturned,
1092 NULL);
1093
1094 if(res == FALSE) return TRUE; // If the IOCTL returns an error we consider the dump finished
1095
1096 return (BOOLEAN)IsDumpEnded;
1097 }
1098
1099 /*!
1100 \brief Returns the notification event associated with the read calls on an adapter.
1101 \param AdapterObject Pointer to an _ADAPTER structure.
1102 \return The handle of the event that the driver signals when some data is available in the kernel buffer.
1103
1104 The event returned by this function is signaled by the driver if:
1105 - The adapter pointed by AdapterObject is in capture mode and an amount of data greater or equal
1106 than the one set with the PacketSetMinToCopy() function is received from the network.
1107 - the adapter pointed by AdapterObject is in capture mode, no data has been received from the network
1108 but the the timeout set with the PacketSetReadTimeout() function has elapsed.
1109 - the adapter pointed by AdapterObject is in statics mode and the the timeout set with the
1110 PacketSetReadTimeout() function has elapsed. This means that a new statistic sample is available.
1111
1112 In every case, a call to PacketReceivePacket() will return immediately.
1113 The event can be passed to standard Win32 functions (like WaitForSingleObject or WaitForMultipleObjects)
1114 to wait until the driver's buffer contains some data. It is particularly useful in GUI applications that
1115 need to wait concurrently on several events.
1116
1117 */
1118 HANDLE PacketGetReadEvent(LPADAPTER AdapterObject)
1119 {
1120 return AdapterObject->ReadEvent;
1121 }
1122
1123 /*!
1124 \brief Sets the number of times a single packet written with PacketSendPacket() will be repeated on the network.
1125 \param AdapterObject Pointer to an _ADAPTER structure.
1126 \param nwrites Number of copies of a packet that will be physically sent by the interface.
1127 \return If the function succeeds, the return value is nonzero.
1128
1129 See PacketSendPacket() for details.
1130 */
1131 BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites)
1132 {
1133 DWORD BytesReturned;
1134 return DeviceIoControl(AdapterObject->hFile,pBIOCSWRITEREP,&nwrites,4,NULL,0,&BytesReturned,NULL);
1135 }
1136
1137 /*!
1138 \brief Sets the timeout after which a read on an adapter returns.
1139 \param AdapterObject Pointer to an _ADAPTER structure.
1140 \param timeout indicates the timeout, in milliseconds, after which a call to PacketReceivePacket() on
1141 the adapter pointed by AdapterObject will be released, also if no packets have been captured by the driver.
1142 Setting timeout to 0 means no timeout, i.e. PacketReceivePacket() never returns if no packet arrives.
1143 A timeout of -1 causes PacketReceivePacket() to always return immediately.
1144 \return If the function succeeds, the return value is nonzero.
1145
1146 \note This function works also if the adapter is working in statistics mode, and can be used to set the
1147 time interval between two statistic reports.
1148 */
1149 BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout)
1150 {
1151 DWORD BytesReturned;
1152 int DriverTimeOut=-1;
1153
1154 AdapterObject->ReadTimeOut=timeout;
1155
1156 return DeviceIoControl(AdapterObject->hFile,pBIOCSRTIMEOUT,&DriverTimeOut,4,NULL,0,&BytesReturned,NULL);
1157 }
1158
1159 /*!
1160 \brief Sets the size of the kernel-level buffer associated with a capture.
1161 \param AdapterObject Pointer to an _ADAPTER structure.
1162 \param dim New size of the buffer, in \b kilobytes.
1163 \return The function returns TRUE if successfully completed, FALSE if there is not enough memory to
1164 allocate the new buffer.
1165
1166 When a new dimension is set, the data in the old buffer is discarded and the packets stored in it are
1167 lost.
1168
1169 Note: the dimension of the kernel buffer affects heavily the performances of the capture process.
1170 An adequate buffer in the driver is able to keep the packets while the application is busy, compensating
1171 the delays of the application and avoiding the loss of packets during bursts or high network activity.
1172 The buffer size is set to 0 when an instance of the driver is opened: the programmer should remember to
1173 set it to a proper value. As an example, wpcap sets the buffer size to 1MB at the beginning of a capture.
1174 */
1175 BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim)
1176 {
1177 DWORD BytesReturned;
1178 return DeviceIoControl(AdapterObject->hFile,pBIOCSETBUFFERSIZE,&dim,4,NULL,0,&BytesReturned,NULL);
1179 }
1180
1181 /*!
1182 \brief Sets a kernel-level packet filter.
1183 \param AdapterObject Pointer to an _ADAPTER structure.
1184 \param fp Pointer to a filtering program that will be associated with this capture or monitoring
1185 instance and that will be executed on every incoming packet.
1186 \return This function returns TRUE if the filter is set successfully, FALSE if an error occurs
1187 or if the filter program is not accepted after a safeness check by the driver. The driver performs
1188 the check in order to avoid system crashes due to buggy or malicious filters, and it rejects non
1189 conformat filters.
1190
1191 This function associates a new BPF filter to the adapter AdapterObject. The filter, pointed by fp, is a
1192 set of bpf_insn instructions.
1193
1194 A filter can be automatically created by using the pcap_compile() function of wpcap. This function
1195 converts a human readable text expression with the syntax of WinDump (see the manual of WinDump at
1196 http://netgroup.polito.it/windump for details) into a BPF program. If your program doesn't link wpcap, but
1197 you need to know the code of a particular filter, you can launch WinDump with the -d or -dd or -ddd
1198 flags to obtain the pseudocode.
1199
1200 */
1201 BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp)
1202 {
1203 DWORD BytesReturned;
1204 return DeviceIoControl(AdapterObject->hFile,pBIOCSETF,(char*)fp->bf_insns,fp->bf_len*sizeof(struct bpf_insn),NULL,0,&BytesReturned,NULL);
1205 }
1206
1207 /*!
1208 \brief Returns a couple of statistic values about the current capture session.
1209 \param AdapterObject Pointer to an _ADAPTER structure.
1210 \param s Pointer to a user provided bpf_stat structure that will be filled by the function.
1211 \return If the function succeeds, the return value is nonzero.
1212
1213 With this function, the programmer can know the value of two internal variables of the driver:
1214
1215 - the number of packets that have been received by the adapter AdapterObject, starting at the
1216 time in which it was opened with PacketOpenAdapter.
1217 - the number of packets that have been dropped by the driver. A packet is dropped when the kernel
1218 buffer associated with the adapter is full.
1219 */
1220 BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s)
1221 {
1222 BOOLEAN Res;
1223 DWORD BytesReturned;
1224 struct bpf_stat tmpstat; // We use a support structure to avoid kernel-level inconsistencies with old or malicious applications
1225
1226 Res = DeviceIoControl(AdapterObject->hFile,
1227 pBIOCGSTATS,
1228 NULL,
1229 0,
1230 &tmpstat,
1231 sizeof(struct bpf_stat),
1232 &BytesReturned,
1233 NULL);
1234
1235 // Copy only the first two values retrieved from the driver
1236 s->bs_recv = tmpstat.bs_recv;
1237 s->bs_drop = tmpstat.bs_drop;
1238
1239 return Res;
1240 }
1241
1242 /*!
1243 \brief Returns statistic values about the current capture session. Enhanced version of PacketGetStats().
1244 \param AdapterObject Pointer to an _ADAPTER structure.
1245 \param s Pointer to a user provided bpf_stat structure that will be filled by the function.
1246 \return If the function succeeds, the return value is nonzero.
1247
1248 With this function, the programmer can retireve the sname values provided by PacketGetStats(), plus:
1249
1250 - the number of drops by interface (not yet supported, always 0).
1251 - the number of packets that reached the application, i.e that were accepted by the kernel filter and
1252 that fitted in the kernel buffer.
1253 */
1254 BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject,struct bpf_stat *s)
1255 {
1256 BOOLEAN Res;
1257 DWORD BytesReturned;
1258 struct bpf_stat tmpstat; // We use a support structure to avoid kernel-level inconsistencies with old or malicious applications
1259
1260 Res = DeviceIoControl(AdapterObject->hFile,
1261 pBIOCGSTATS,
1262 NULL,
1263 0,
1264 &tmpstat,
1265 sizeof(struct bpf_stat),
1266 &BytesReturned,
1267 NULL);
1268
1269 s->bs_recv = tmpstat.bs_recv;
1270 s->bs_drop = tmpstat.bs_drop;
1271 s->ps_ifdrop = tmpstat.ps_ifdrop;
1272 s->bs_capt = tmpstat.bs_capt;
1273
1274 return Res;
1275 }
1276
1277 /*!
1278 \brief Performs a query/set operation on an internal variable of the network card driver.
1279 \param AdapterObject Pointer to an _ADAPTER structure.
1280 \param Set Determines if the operation is a set (Set=TRUE) or a query (Set=FALSE).
1281 \param OidData A pointer to a _PACKET_OID_DATA structure that contains or receives the data.
1282 \return If the function succeeds, the return value is nonzero.
1283
1284 \note not all the network adapters implement all the query/set functions. There is a set of mandatory
1285 OID functions that is granted to be present on all the adapters, and a set of facultative functions, not
1286 provided by all the cards (see the Microsoft DDKs to see which functions are mandatory). If you use a
1287 facultative function, be careful to enclose it in an if statement to check the result.
1288 */
1289 BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData)
1290 {
1291 //DWORD BytesReturned;
1292 BOOLEAN Result = 0;
1293 /*commented out since its broken & needs fixing*/
1294 /*Result=DeviceIoControl(AdapterObject->hFile,(DWORD) Set ? pBIOCSETOID : pBIOCQUERYOID,
1295 OidData,sizeof(PACKET_OID_DATA)-1+OidData->Length,OidData,
1296 sizeof(PACKET_OID_DATA)-1+OidData->Length,&BytesReturned,NULL);*/
1297
1298 // output some debug info
1299 ODSEx("PacketRequest, OID=%d ", OidData->Oid);
1300 ODSEx("Length=%d ", OidData->Length);
1301 ODSEx("Set=%d ", Set);
1302 ODSEx("Res=%d\n", Result);
1303
1304 return Result;
1305 }
1306
1307 /*!
1308 \brief Sets a hardware filter on the incoming packets.
1309 \param AdapterObject Pointer to an _ADAPTER structure.
1310 \param Filter The identifier of the filter.
1311 \return If the function succeeds, the return value is nonzero.
1312
1313 The filter defined with this filter is evaluated by the network card, at a level that is under the NPF
1314 device driver. Here is a list of the most useful hardware filters (A complete list can be found in ntddndis.h):
1315
1316 - NDIS_PACKET_TYPE_PROMISCUOUS: sets promiscuous mode. Every incoming packet is accepted by the adapter.
1317 - NDIS_PACKET_TYPE_DIRECTED: only packets directed to the workstation's adapter are accepted.
1318 - NDIS_PACKET_TYPE_BROADCAST: only broadcast packets are accepted.
1319 - NDIS_PACKET_TYPE_MULTICAST: only multicast packets belonging to groups of which this adapter is a member are accepted.
1320 - NDIS_PACKET_TYPE_ALL_MULTICAST: every multicast packet is accepted.
1321 - NDIS_PACKET_TYPE_ALL_LOCAL: all local packets, i.e. NDIS_PACKET_TYPE_DIRECTED + NDIS_PACKET_TYPE_BROADCAST + NDIS_PACKET_TYPE_MULTICAST
1322 */
1323 BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter)
1324 {
1325 BOOLEAN Status;
1326 ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA)+sizeof(ULONG)-1);
1327 PPACKET_OID_DATA OidData;
1328
1329 OidData=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,IoCtlBufferLength);
1330 if (OidData == NULL) {
1331 ODS("PacketSetHwFilter: GlobalAlloc Failed\n");
1332 return FALSE;
1333 }
1334 OidData->Oid=OID_GEN_CURRENT_PACKET_FILTER;
1335 OidData->Length=sizeof(ULONG);
1336 *((PULONG)OidData->Data)=Filter;
1337 Status=PacketRequest(AdapterObject,TRUE,OidData);
1338 GlobalFreePtr(OidData);
1339 return Status;
1340 }
1341
1342 /*!
1343 \brief Retrieve the list of available network adapters and their description.
1344 \param pStr User allocated string that will be filled with the names of the adapters.
1345 \param BufferSize Length of the buffer pointed by pStr.
1346 \return If the function succeeds, the return value is nonzero.
1347
1348 Usually, this is the first function that should be used to communicate with the driver.
1349 It returns the names of the adapters installed on the system <B>and supported by WinPcap</B>.
1350 After the names of the adapters, pStr contains a string that describes each of them.
1351
1352 \b Warning:
1353 the result of this function is obtained querying the registry, therefore the format
1354 of the result in Windows NTx is different from the one in Windows 9x. Windows 9x uses the ASCII
1355 encoding method to store a string, while Windows NTx uses UNICODE. After a call to PacketGetAdapterNames
1356 in Windows 95x, pStr contains, in succession:
1357 - a variable number of ASCII strings, each with the names of an adapter, separated by a "\0"
1358 - a double "\0"
1359 - a number of ASCII strings, each with the description of an adapter, separated by a "\0". The number
1360 of descriptions is the same of the one of names. The fisrt description corresponds to the first name, and
1361 so on.
1362 - a double "\0".
1363
1364 In Windows NTx, pStr contains: the names of the adapters, in UNICODE format, separated by a single UNICODE "\0" (i.e. 2 ASCII "\0"), a double UNICODE "\0", followed by the descriptions of the adapters, in ASCII format, separated by a single ASCII "\0" . The string is terminated by a double ASCII "\0".
1365 - a variable number of UNICODE strings, each with the names of an adapter, separated by a UNICODE "\0"
1366 - a double UNICODE "\0"
1367 - a number of ASCII strings, each with the description of an adapter, separated by an ASCII "\0".
1368 - a double ASCII "\0".
1369 */
1370
1371 BOOLEAN PacketGetAdapterNames(PTSTR pStr, PULONG BufferSize)
1372 {
1373 HKEY LinkageKey, AdapKey;
1374 DWORD RegKeySize = 0;
1375 LONG Status;
1376 ULONG Result;
1377 PTSTR BpStr;
1378 char *TTpStr;
1379 char *DpStr;
1380 char *DescBuf;
1381 LPADAPTER adapter;
1382 PPACKET_OID_DATA OidData;
1383 int i = 0, k, rewind;
1384 DWORD dim;
1385 TCHAR AdapName[256];
1386
1387 ODSEx("PacketGetAdapterNames: BufferSize=%d\n",*BufferSize);
1388
1389 OidData = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, 512);
1390 if (OidData == NULL) {
1391 ODS("PacketGetAdapterNames: GlobalAlloc Failed\n");
1392 return FALSE;
1393 }
1394
1395 Status = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
1396 TEXT("SYSTEM\\ControlSet001\\Control\\Class\\{4D36E972-E325-11CE-BFC1-08002BE10318}"),
1397 0, KEY_READ, &AdapKey);
1398
1399 // Get the size to allocate for the original device names
1400 while ((Result = RegEnumKey(AdapKey, i, AdapName, sizeof(AdapName)/2)) == ERROR_SUCCESS) {
1401 Status = RegOpenKeyEx(AdapKey, AdapName,0, KEY_READ, &LinkageKey);
1402 Status = RegOpenKeyExW(LinkageKey, L"Linkage",0, KEY_READ, &LinkageKey);
1403 Status = RegQueryValueExW(LinkageKey, L"Export", NULL, NULL, NULL, &dim);
1404 i++;
1405 if (Status!=ERROR_SUCCESS) continue;
1406 RegKeySize += dim;
1407 }
1408
1409 // Allocate the memory for the original device names
1410 ODSEx("Need %d bytes for the names\n", RegKeySize+2);
1411 BpStr = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, RegKeySize+2);
1412 if (BpStr == NULL || RegKeySize > *BufferSize) {
1413 ODS("PacketGetAdapterNames: GlobalAlloc Failed\n");
1414 GlobalFreePtr(OidData);
1415 return FALSE;
1416 }
1417 k = 0;
1418 i = 0;
1419
1420 ODS("PacketGetAdapterNames: Cycling through the adapters:\n");
1421
1422 // Copy the names to the buffer
1423 while ((Result = RegEnumKey(AdapKey, i, AdapName, sizeof(AdapName)/2)) == ERROR_SUCCESS) {
1424 WCHAR UpperBindStr[64];
1425
1426 i++;
1427 ODSEx(" %d) ", i);
1428
1429 Status = RegOpenKeyEx(AdapKey,AdapName,0,KEY_READ,&LinkageKey);
1430 Status = RegOpenKeyExW(LinkageKey,L"Linkage",0,KEY_READ,&LinkageKey);
1431
1432 dim=sizeof(UpperBindStr);
1433 Status=RegQueryValueExW(LinkageKey,L"UpperBind",NULL,NULL,(PUCHAR)UpperBindStr,&dim);
1434
1435 ODSEx("UpperBind=%S ", UpperBindStr);
1436
1437 if( Status!=ERROR_SUCCESS || _wcsicmp(UpperBindStr,L"NdisWan")==0 ){
1438 ODS("Name = SKIPPED\n");
1439 continue;
1440 }
1441
1442 dim=RegKeySize-k;
1443 Status=RegQueryValueExW(LinkageKey,L"Export",NULL,NULL,(LPBYTE)BpStr+k,&dim);
1444 if(Status!=ERROR_SUCCESS){
1445 ODS("Name = SKIPPED (error reading the key)\n");
1446 continue;
1447 }
1448
1449 ODSEx("Name = %S\n", (LPBYTE)BpStr+k);
1450
1451 k+=dim-2;
1452 }
1453
1454 CloseHandle(AdapKey);
1455
1456 #ifdef _DEBUG_TO_FILE
1457 //dump BpStr for debug purposes
1458 ODS("Dumping BpStr:");
1459 {
1460 FILE *f;
1461 f = fopen("winpcap_debug.txt", "a");
1462 for(i=0;i<k;i++){
1463 if(!(i%32))fprintf(f, "\n ");
1464 fprintf(f, "%c " , *((LPBYTE)BpStr+i));
1465 }
1466 fclose(f);
1467 }
1468 ODS("\n");
1469 #endif
1470
1471
1472 if (k != 0){
1473
1474 DescBuf=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, 4096);
1475 if (DescBuf == NULL) {
1476 GlobalFreePtr (BpStr);
1477 GlobalFreePtr(OidData);
1478 return FALSE;
1479 }
1480 DpStr=DescBuf;
1481
1482 for(i=0,k=0;BpStr[i]!=0 || BpStr[i+1]!=0;){
1483
1484 if(k+wcslen(BpStr+i)+30 > *BufferSize){
1485 // Input buffer too small
1486 GlobalFreePtr(OidData);
1487 GlobalFreePtr (BpStr);
1488 GlobalFreePtr (DescBuf);
1489 ODS("PacketGetAdapterNames: Input buffer too small!\n");
1490 return FALSE;
1491 }
1492
1493 // Create the device name
1494 rewind=k;
1495 memcpy(pStr+k,BpStr+i,16);
1496 memcpy(pStr+k+8,TEXT("NPF_"),8);
1497 i+=8;
1498 k+=12;
1499 while(BpStr[i-1]!=0){
1500 pStr[k++]=BpStr[i++];
1501 }
1502
1503 // Open the adapter
1504 adapter=PacketOpenAdapter(pStr+rewind);
1505 if(adapter==NULL){
1506 k=rewind;
1507 continue;
1508 }
1509
1510 // Retrieve the description
1511 OidData->Oid = OID_GEN_VENDOR_DESCRIPTION;
1512 OidData->Length = 256;
1513 ZeroMemory(OidData->Data,256);
1514 Status = PacketRequest(adapter,FALSE,OidData);
1515 if(Status==0 || ((char*)OidData->Data)[0]==0){
1516 k=rewind;
1517 continue;
1518 }
1519
1520 ODSEx("Adapter Description=%s\n\n",OidData->Data);
1521
1522 // Copy the description
1523 TTpStr=(char*)(OidData->Data);
1524 while(*TTpStr!=0){
1525 *DpStr++=*TTpStr++;
1526 }
1527 *DpStr++=*TTpStr++;
1528
1529 // Close the adapter
1530 PacketCloseAdapter(adapter);
1531
1532 }
1533 *DpStr = 0;
1534
1535 pStr[k++] = 0;
1536 pStr[k] = 0;
1537
1538 if ((ULONG)(DpStr - DescBuf + k) < *BufferSize) {
1539 memcpy(pStr + k, DescBuf, DpStr - DescBuf);
1540 } else {
1541 GlobalFreePtr(OidData);
1542 GlobalFreePtr(BpStr);
1543 GlobalFreePtr(DescBuf);
1544 ODS("\nPacketGetAdapterNames: ended with failure\n");
1545 return FALSE;
1546 }
1547
1548 GlobalFreePtr(OidData);
1549 GlobalFreePtr(BpStr);
1550 GlobalFreePtr(DescBuf);
1551 ODS("\nPacketGetAdapterNames: ended correctly\n");
1552 return TRUE;
1553 }
1554 else{
1555 DWORD RegType;
1556
1557 ODS("Adapters not found under SYSTEM\\ControlSet001\\Control\\Class. Using the TCP/IP bindings.\n");
1558
1559 GlobalFreePtr(BpStr);
1560 Status = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
1561 TEXT("SYSTEM\\ControlSet001\\Services\\Tcpip\\Linkage"),
1562 0, KEY_READ, &LinkageKey);
1563 if (Status == ERROR_SUCCESS) {
1564 // Retrieve the length of the key
1565 Status = RegQueryValueEx(LinkageKey, TEXT("bind"), NULL, &RegType, NULL, &RegKeySize);
1566 // Allocate the buffer
1567 BpStr = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, RegKeySize + 2);
1568 if (BpStr == NULL || RegKeySize > *BufferSize) {
1569 GlobalFreePtr(OidData);
1570 return FALSE;
1571 }
1572 Status = RegQueryValueEx(LinkageKey, TEXT("bind"), NULL, &RegType, (LPBYTE)BpStr, &RegKeySize);
1573 RegCloseKey(LinkageKey);
1574 } else {
1575 //ODS("SYSTEM\\ControlSet001\\Control\\Class - RegKey not found.\n");
1576 ODS("SYSTEM\\ControlSet001\\Services\\Tcpip\\Linkage - RegKey not found.\n");
1577 }
1578 if (Status == ERROR_SUCCESS) {
1579 DescBuf = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT, 4096);
1580 if (DescBuf == NULL) {
1581 GlobalFreePtr(BpStr);
1582 GlobalFreePtr(OidData);
1583 return FALSE;
1584 }
1585 DpStr = DescBuf;
1586 for (i = 0, k = 0; BpStr[i] != 0 || BpStr[i+1] != 0; ) {
1587 if (k + wcslen(BpStr + i) + 30 > *BufferSize) {
1588 // Input buffer too small
1589 GlobalFreePtr(OidData);
1590 GlobalFreePtr(BpStr);
1591 GlobalFreePtr(DescBuf);
1592 return FALSE;
1593 }
1594
1595 ODS("\tCreating a device name - started.\n");
1596
1597 // Create the device name
1598 rewind = k;
1599 memcpy(pStr + k,BpStr + i,16);
1600 memcpy(pStr + k + 8, TEXT("NPF_"), 8);
1601 i += 8;
1602 k += 12;
1603 while (BpStr[i - 1] != 0) {
1604 pStr[k++] = BpStr[i++];
1605 }
1606 // Open the adapter
1607 adapter = PacketOpenAdapter(pStr+rewind);
1608 if (adapter == NULL) {
1609 k = rewind;
1610 continue;
1611 }
1612 // Retrieve the description
1613 OidData->Oid = OID_GEN_VENDOR_DESCRIPTION;
1614 OidData->Length = 256;
1615 Status = PacketRequest(adapter, FALSE, OidData);
1616 if (Status == 0 || ((char*)OidData->Data)[0] == 0) {
1617 k = rewind;
1618 ODS("\tCreating a device name - Retrieve the description.\n");
1619 continue;
1620 }
1621
1622 // Copy the description
1623 TTpStr = (char*)(OidData->Data);
1624 while (*TTpStr != 0){
1625 *DpStr++ = *TTpStr++;
1626 }
1627 *DpStr++ = *TTpStr++;
1628 // Close the adapter
1629 PacketCloseAdapter(adapter);
1630
1631 ODS("\tCreating a device name - completed.\n");
1632 }
1633 *DpStr = 0;
1634
1635 pStr[k++] = 0;
1636 pStr[k] = 0;
1637
1638 if ((ULONG)(DpStr - DescBuf + k) < *BufferSize) {
1639 memcpy(pStr + k, DescBuf, DpStr-DescBuf);
1640 } else {
1641 GlobalFreePtr(OidData);
1642 GlobalFreePtr(BpStr);
1643 GlobalFreePtr(DescBuf);
1644 return FALSE;
1645 }
1646
1647 GlobalFreePtr(OidData);
1648 GlobalFreePtr(BpStr);
1649 GlobalFreePtr(DescBuf);
1650 ODS("PacketGetAdapterNames() returning TRUE\n");
1651 return TRUE;
1652 } else {
1653 MessageBox(NULL,TEXT("Can not find TCP/IP bindings.\nIn order to run the packet capture driver you must install TCP/IP."),szWindowTitle,MB_OK);
1654 ODS("Cannot find the TCP/IP bindings\n");
1655 return FALSE;
1656 }
1657 }
1658 }
1659
1660 /*!
1661 \brief Returns comprehensive information the addresses of an adapter.
1662 \param AdapterName String that contain _ADAPTER structure.
1663 \param buffer A user allocated array of npf_if_addr that will be filled by the function.
1664 \param NEntries Size of the array (in npf_if_addr).
1665 \return If the function succeeds, the return value is nonzero.
1666
1667 This function grabs from the registry information like the IP addresses, the netmasks
1668 and the broadcast addresses of an interface. The buffer passed by the user is filled with
1669 npf_if_addr structures, each of which contains the data for a single address. If the buffer
1670 is full, the reaming addresses are dropeed, therefore set its dimension to sizeof(npf_if_addr)
1671 if you want only the first address.
1672 */
1673
1674 BOOLEAN PacketGetNetInfoEx(LPTSTR AdapterName, npf_if_addr* buffer, PLONG NEntries)
1675 {
1676 char *AdapterNameA;
1677 WCHAR *AdapterNameU;
1678 WCHAR *ifname;
1679 HKEY SystemKey;
1680 HKEY InterfaceKey;
1681 HKEY ParametersKey;
1682 HKEY TcpIpKey;
1683 HKEY UnderTcpKey;
1684 LONG status;
1685 WCHAR String[1024+1];
1686 DWORD RegType;
1687 ULONG BufLen;
1688 DWORD DHCPEnabled;
1689 struct sockaddr_in *TmpAddr, *TmpBroad;
1690 LONG naddrs,nmasks,StringPos;
1691 DWORD ZeroBroadcast;
1692
1693 AdapterNameA = (char*)AdapterName;
1694 if(AdapterNameA[1] != 0) { //ASCII
1695 AdapterNameU = SChar2WChar(AdapterNameA);
1696 AdapterName = AdapterNameU;
1697 } else { //Unicode
1698 AdapterNameU = NULL;
1699 }
1700 ifname = wcsrchr(AdapterName, '\\');
1701 if (ifname == NULL)
1702 ifname = AdapterName;
1703 else
1704 ifname++;
1705 if (wcsncmp(ifname, L"NPF_", 4) == 0)
1706 ifname += 4;
1707
1708 if( RegOpenKeyEx(HKEY_LOCAL_MACHINE,
1709 TEXT("SYSTEM\\ControlSet001\\Services\\Tcpip\\Parameters\\Interfaces"),
1710 0, KEY_READ, &UnderTcpKey) == ERROR_SUCCESS)
1711 {
1712 status = RegOpenKeyExW(UnderTcpKey,ifname,0,KEY_READ,&TcpIpKey);
1713 if (status != ERROR_SUCCESS) {
1714 RegCloseKey(UnderTcpKey);
1715 goto fail;
1716 }
1717 }
1718 else
1719 {
1720
1721 // Query the registry key with the interface's adresses
1722 status = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
1723 TEXT("SYSTEM\\ControlSet001\\Services"),
1724 0,KEY_READ,&SystemKey);
1725 if (status != ERROR_SUCCESS)
1726 goto fail;
1727 status = RegOpenKeyExW(SystemKey,ifname,0,KEY_READ,&InterfaceKey);
1728 if (status != ERROR_SUCCESS) {
1729 RegCloseKey(SystemKey);
1730 goto fail;
1731 }
1732 RegCloseKey(SystemKey);
1733 status = RegOpenKeyEx(InterfaceKey,TEXT("Parameters"),0,KEY_READ,&ParametersKey);
1734 if (status != ERROR_SUCCESS) {
1735 RegCloseKey(InterfaceKey);
1736 goto fail;
1737 }
1738 RegCloseKey(InterfaceKey);
1739 status = RegOpenKeyEx(ParametersKey,TEXT("TcpIp"),0,KEY_READ,&TcpIpKey);
1740 if (status != ERROR_SUCCESS) {
1741 RegCloseKey(ParametersKey);
1742 goto fail;
1743 }
1744 RegCloseKey(ParametersKey);
1745 BufLen = sizeof String;
1746 }
1747
1748 BufLen = 4;
1749 /* Try to detect if the interface has a zero broadcast addr */
1750 status=RegQueryValueEx(TcpIpKey,TEXT("UseZeroBroadcast"),NULL,&RegType,(LPBYTE)&ZeroBroadcast,&BufLen);
1751 if (status != ERROR_SUCCESS)
1752 ZeroBroadcast=0;
1753
1754 BufLen = 4;
1755 /* See if DHCP is used by this system */
1756 status=RegQueryValueEx(TcpIpKey,TEXT("EnableDHCP"),NULL,&RegType,(LPBYTE)&DHCPEnabled,&BufLen);
1757 if (status != ERROR_SUCCESS)
1758 DHCPEnabled=0;
1759
1760
1761 /* Retrieve the adrresses */
1762 if(DHCPEnabled){
1763
1764 BufLen = sizeof String;
1765 // Open the key with the addresses
1766 status = RegQueryValueEx(TcpIpKey,TEXT("DhcpIPAddress"),NULL,&RegType,(LPBYTE)String,&BufLen);
1767 if (status != ERROR_SUCCESS) {
1768 RegCloseKey(TcpIpKey);
1769 goto fail;
1770 }
1771
1772 // scan the key to obtain the addresses
1773 StringPos = 0;
1774 for(naddrs = 0;naddrs <* NEntries;naddrs++){
1775 TmpAddr = (struct sockaddr_in *) &(buffer[naddrs].IPAddress);
1776
1777 if((TmpAddr->sin_addr.S_un.S_addr = inet_addrU(String + StringPos))!= -1){
1778 TmpAddr->sin_family = AF_INET;
1779
1780 TmpBroad = (struct sockaddr_in *) &(buffer[naddrs].Broadcast);
1781 TmpBroad->sin_family = AF_INET;
1782 if(ZeroBroadcast==0)
1783 TmpBroad->sin_addr.S_un.S_addr = 0xffffffff; // 255.255.255.255
1784 else
1785 TmpBroad->sin_addr.S_un.S_addr = 0; // 0.0.0.0
1786
1787 while(*(String + StringPos) != 0)StringPos++;
1788 StringPos++;
1789
1790 if(*(String + StringPos) == 0 || (StringPos * sizeof (WCHAR)) >= BufLen)
1791 break;
1792 }
1793 else break;
1794 }
1795
1796 BufLen = sizeof String;
1797 // Open the key with the netmasks
1798 status = RegQueryValueEx(TcpIpKey,TEXT("DhcpSubnetMask"),NULL,&RegType,(LPBYTE)String,&BufLen);
1799 if (status != ERROR_SUCCESS) {
1800 RegCloseKey(TcpIpKey);
1801 goto fail;
1802 }
1803
1804 // scan the key to obtain the masks
1805 StringPos = 0;
1806 for(nmasks = 0;nmasks < *NEntries;nmasks++){
1807 TmpAddr = (struct sockaddr_in *) &(buffer[nmasks].SubnetMask);
1808
1809 if((TmpAddr->sin_addr.S_un.S_addr = inet_addrU(String + StringPos))!= -1){
1810 TmpAddr->sin_family = AF_INET;
1811
1812 while(*(String + StringPos) != 0)StringPos++;
1813 StringPos++;
1814
1815 if(*(String + StringPos) == 0 || (StringPos * sizeof (WCHAR)) >= BufLen)
1816 break;
1817 }
1818 else break;
1819 }
1820
1821 // The number of masks MUST be equal to the number of adresses
1822 if(nmasks != naddrs){
1823 RegCloseKey(TcpIpKey);
1824 goto fail;
1825 }
1826
1827 }
1828 else{
1829
1830 BufLen = sizeof String;
1831 // Open the key with the addresses
1832 status = RegQueryValueEx(TcpIpKey,TEXT("IPAddress"),NULL,&RegType,(LPBYTE)String,&BufLen);
1833 if (status != ERROR_SUCCESS) {
1834 RegCloseKey(TcpIpKey);
1835 goto fail;
1836 }
1837
1838 // scan the key to obtain the addresses
1839 StringPos = 0;
1840 for(naddrs = 0;naddrs < *NEntries;naddrs++){
1841 TmpAddr = (struct sockaddr_in *) &(buffer[naddrs].IPAddress);
1842
1843 if((TmpAddr->sin_addr.S_un.S_addr = inet_addrU(String + StringPos))!= -1){
1844 TmpAddr->sin_family = AF_INET;
1845
1846 TmpBroad = (struct sockaddr_in *) &(buffer[naddrs].Broadcast);
1847 TmpBroad->sin_family = AF_INET;
1848 if(ZeroBroadcast==0)
1849 TmpBroad->sin_addr.S_un.S_addr = 0xffffffff; // 255.255.255.255
1850 else
1851 TmpBroad->sin_addr.S_un.S_addr = 0; // 0.0.0.0
1852
1853 while(*(String + StringPos) != 0)StringPos++;
1854 StringPos++;
1855
1856 if(*(String + StringPos) == 0 || (StringPos * sizeof (WCHAR)) >= BufLen)
1857 break;
1858 }
1859 else break;
1860 }
1861
1862 BufLen = sizeof String;
1863 // Open the key with the netmasks
1864 status = RegQueryValueEx(TcpIpKey,TEXT("SubnetMask"),NULL,&RegType,(LPBYTE)String,&BufLen);
1865 if (status != ERROR_SUCCESS) {
1866 RegCloseKey(TcpIpKey);
1867 goto fail;
1868 }
1869
1870 // scan the key to obtain the masks
1871 StringPos = 0;
1872 for(nmasks = 0;nmasks <* NEntries;nmasks++){
1873 TmpAddr = (struct sockaddr_in *) &(buffer[nmasks].SubnetMask);
1874
1875 if((TmpAddr->sin_addr.S_un.S_addr = inet_addrU(String + StringPos))!= -1){
1876 TmpAddr->sin_family = AF_INET;
1877
1878 while(*(String + StringPos) != 0)StringPos++;
1879 StringPos++;
1880
1881 if(*(String + StringPos) == 0 || (StringPos * sizeof (WCHAR)) >= BufLen)
1882 break;
1883 }
1884 else break;
1885 }
1886
1887 // The number of masks MUST be equal to the number of adresses
1888 if(nmasks != naddrs){
1889 RegCloseKey(TcpIpKey);
1890 goto fail;
1891 }
1892
1893 }
1894
1895 *NEntries = naddrs + 1;
1896
1897 RegCloseKey(TcpIpKey);
1898
1899 if (status != ERROR_SUCCESS) {
1900 goto fail;
1901 }
1902
1903
1904 if (AdapterNameU != NULL)
1905 free(AdapterNameU);
1906 return TRUE;
1907
1908 fail:
1909 if (AdapterNameU != NULL)
1910 free(AdapterNameU);
1911 return FALSE;
1912 }
1913
1914 /*!
1915 \brief Returns the IP address and the netmask of an adapter.
1916 \param AdapterName String that contain _ADAPTER structure.
1917 \param netp Pointer to a variable that will receive the IP address of the adapter.
1918 \param maskp Pointer to a variable that will receive the netmask of the adapter.
1919 \return If the function succeeds, the return value is nonzero.
1920
1921 \note this function is obsolete and is maintained for backward compatibility. Use PacketGetNetInfoEx() instead.
1922 */
1923
1924 BOOLEAN PacketGetNetInfo(LPTSTR AdapterName, PULONG netp, PULONG maskp)
1925 {
1926 char *AdapterNameA;
1927 WCHAR *AdapterNameU;
1928 WCHAR *ifname;
1929 HKEY SystemKey;
1930 HKEY InterfaceKey;
1931 HKEY ParametersKey;
1932 HKEY TcpIpKey;
1933 LONG status;
1934 WCHAR String[1024+1];
1935 DWORD RegType;
1936 ULONG BufLen;
1937 DWORD DHCPEnabled;
1938 ULONG TAddr,i;
1939
1940 AdapterNameA = (char*)AdapterName;
1941 if(AdapterNameA[1] != 0) { //ASCII
1942 AdapterNameU = SChar2WChar(AdapterNameA);
1943 AdapterName = AdapterNameU;
1944 } else { //Unicode
1945 AdapterNameU = NULL;
1946 }
1947 ifname = wcsrchr(AdapterName, '\\');
1948 if (ifname == NULL)
1949 ifname = AdapterName;
1950 else
1951 ifname++;
1952 if (wcsncmp(ifname, L"NPF_", 4) == 0)
1953 ifname += 4;
1954 status = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
1955 TEXT("SYSTEM\\ControlSet001\\Services"),
1956 0,KEY_READ,&SystemKey);
1957 if (status != ERROR_SUCCESS)
1958 goto fail;
1959 status = RegOpenKeyExW(SystemKey,ifname,0,KEY_READ,&InterfaceKey);
1960 if (status != ERROR_SUCCESS) {
1961 RegCloseKey(SystemKey);
1962 goto fail;
1963 }
1964 RegCloseKey(SystemKey);
1965 status = RegOpenKeyEx(InterfaceKey,TEXT("Parameters"),0,KEY_READ,&ParametersKey);
1966 if (status != ERROR_SUCCESS) {
1967 RegCloseKey(InterfaceKey);
1968 goto fail;
1969 }
1970 RegCloseKey(InterfaceKey);
1971 status = RegOpenKeyEx(ParametersKey,TEXT("TcpIp"),0,KEY_READ,&TcpIpKey);
1972 if (status != ERROR_SUCCESS) {
1973 RegCloseKey(ParametersKey);
1974 goto fail;
1975 }
1976 RegCloseKey(ParametersKey);
1977
1978 BufLen = 4;
1979 /* See if DHCP is used by this system */
1980 status=RegQueryValueEx(TcpIpKey,TEXT("EnableDHCP"),NULL,&RegType,(LPBYTE)&DHCPEnabled,&BufLen);
1981 if (status != ERROR_SUCCESS)
1982 DHCPEnabled=0;
1983
1984
1985 /* Retrieve the netmask */
1986 if(DHCPEnabled){
1987
1988 BufLen = sizeof String;
1989 status = RegQueryValueEx(TcpIpKey,TEXT("DhcpIPAddress"),NULL,&RegType,(LPBYTE)String,&BufLen);
1990 if (status != ERROR_SUCCESS) {
1991 RegCloseKey(TcpIpKey);
1992 goto fail;
1993 }
1994
1995 TAddr = inet_addrU(String);
1996 // swap bytes for backward compatibility
1997 for(i=0;i<4;i++){
1998 *((char*)netp+i) = *((char*)&TAddr+3-i);
1999 }
2000
2001 BufLen = sizeof String;
2002 status=RegQueryValueEx(TcpIpKey,TEXT("DHCPSubnetMask"),NULL,&RegType,
2003 (LPBYTE)String,&BufLen);
2004
2005 TAddr = inet_addrU(String);
2006 // swap bytes for backward compatibility
2007 for(i=0;i<4;i++){
2008 *((char*)maskp+i) = *((char*)&TAddr+3-i);
2009 }
2010
2011
2012 }
2013 else{
2014
2015 BufLen = sizeof String;
2016 status = RegQueryValueEx(TcpIpKey,TEXT("IPAddress"),NULL,&RegType,(LPBYTE)String,&BufLen);
2017 if (status != ERROR_SUCCESS) {
2018 RegCloseKey(TcpIpKey);
2019 goto fail;
2020 }
2021
2022 TAddr = inet_addrU(String);
2023 // swap bytes for backward compatibility
2024 for(i=0;i<4;i++){
2025 *((char*)netp+i) = *((char*)&TAddr+3-i);
2026 }
2027
2028 BufLen = sizeof String;
2029 status=RegQueryValueEx(TcpIpKey,TEXT("SubnetMask"),NULL,&RegType,
2030 (LPBYTE)String,&BufLen);
2031
2032 TAddr = inet_addrU(String);
2033 // swap bytes for backward compatibility
2034 for(i=0;i<4;i++){
2035 *((char*)maskp+i) = *((char*)&TAddr+3-i);
2036 }
2037
2038
2039 }
2040
2041 if (status != ERROR_SUCCESS) {
2042 RegCloseKey(TcpIpKey);
2043 goto fail;
2044 }
2045
2046
2047 if (AdapterNameU != NULL)
2048 free(AdapterNameU);
2049 return TRUE;
2050
2051 fail:
2052 if (AdapterNameU != NULL)
2053 free(AdapterNameU);
2054 return FALSE;
2055 }
2056
2057 /* @} */
A free Windows-compatible Operating System