archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/net/ipsec/nshipsec/dynamicshow.cpp

6340 lines
162 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. ////////////////////////////////////////////////////////////////////////
  2. //
  3. // Module : Dynamic/DyanamicShow.cpp
  4. //
  5. // Purpose : Dynamic Show commands Implementation.
  6. //
  7. //
  8. // Developers Name : Bharat/Radhika
  9. //
  10. // History :
  11. //
  12. // Date Author Comments
  13. // 9-23-2001 Bharat Initial Version. V1.0
  14. // 11-21-2001 Bharat Version. V1.1
  15. //
  16. ////////////////////////////////////////////////////////////////////////
  18. #include "nshipsec.h"
  19. #include "staticshowutils.h"
  21. extern HINSTANCE g_hModule;
  22. extern HKEY g_hGlobalRegistryKey;
  23. extern _TCHAR* g_szDynamicMachine;
  24. extern STORAGELOCATION g_StorageLocation;
  26. UINT QMPFSDHGroup(DWORD dwPFSGroup);
  28. ///////////////////////////////////////////////////////////////////////////////////////////
  29. //
  30. // Function : ShowMMPolicy
  31. //
  32. // Date of Creation: 9-3-2001
  33. //
  34. // Parameters : IN LPTSTR pszShowPolicyName
  35. //
  36. // Return : DWORD
  37. //
  38. // Description : This function prepares data to display Mainmode Policies.
  39. //
  40. // History :
  41. //
  42. // Date Author Comments
  43. //
  44. //////////////////////////////////////////////////////////////////////////////////////////
  46. DWORD
  47. ShowMMPolicy(
  48. IN LPTSTR pszShowPolicyName
  49. )
  50. {
  51. DWORD dwCount = 0; // counting objects here
  52. DWORD dwResumeHandle = 0; // handle for continuation calls
  53. DWORD i=0, j=0;
  54. DWORD dwReturn = ERROR_SUCCESS; // assume success
  55. DWORD dwVersion = 0;
  56. BOOL bNameFin = FALSE;
  57. PIPSEC_MM_POLICY pIPSecMMP = NULL; // for MM policy calls
  59. for(i = 0; ;i+=dwCount)
  60. {
  61. dwReturn = EnumMMPolicies(g_szDynamicMachine, dwVersion, NULL, 0, 0, &pIPSecMMP, &dwCount, &dwResumeHandle, NULL);
  62. //If there is no data Bail out.
  63. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  64. {
  65. if (i == 0)
  66. {
  67. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  68. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMP_6);
  69. //This is to avoid one more error message show up!!
  70. bNameFin = TRUE;
  71. }
  72. dwReturn = ERROR_SUCCESS;
  73. BAIL_OUT;
  74. }
  76. if (dwReturn != ERROR_SUCCESS)
  77. {
  78. BAIL_OUT;
  79. }
  81. if(!(pIPSecMMP && dwCount > 0))
  82. {
  83. // not required to continue.
  84. BAIL_OUT;
  85. }
  86. // Show all the main mode policies
  87. if(!pszShowPolicyName)
  88. {
  89. for (j = 0; j < dwCount; j++)
  90. {
  91. PrintMMPolicy(pIPSecMMP[j]);
  93. }
  94. }
  95. // Show main mode policy for the given policy name.
  96. else if(pszShowPolicyName)
  97. {
  98. for (j = 0; j < dwCount; j++)
  99. {
  100. if(_tcsicmp(pIPSecMMP[j].pszPolicyName,pszShowPolicyName) == 0)
  101. {
  102. PrintMMPolicy(pIPSecMMP[j]);
  103. bNameFin = TRUE;
  104. BAIL_OUT;
  105. }
  106. }
  107. }
  109. SPDApiBufferFree(pIPSecMMP);
  110. pIPSecMMP=NULL;
  111. }
  113. error:
  114. if(pszShowPolicyName && !bNameFin)
  115. {
  116. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  117. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMP_5);
  118. dwReturn = ERROR_SUCCESS;
  119. }
  121. if(pIPSecMMP)
  122. {
  123. //error path clean up
  124. SPDApiBufferFree(pIPSecMMP);
  125. pIPSecMMP=NULL;
  126. }
  128. return dwReturn;
  129. }
  131. ///////////////////////////////////////////////////////////////////////////////////////////
  132. //
  133. // Function : PrintMMPolicy
  134. //
  135. // Date of Creation: 9-3-2001
  136. //
  137. // Parameters : IN IPSEC_MM_POLICY MMPolicy
  138. //
  139. // Return : DWORD
  140. //
  141. // Description : This function displays headings and policy name for Mainmode Policy.
  142. //
  143. // History :
  144. //
  145. // Date Author Comments
  146. //
  147. //////////////////////////////////////////////////////////////////////////////////////////
  149. VOID
  150. PrintMMPolicy(
  151. IN IPSEC_MM_POLICY MMPolicy
  152. )
  153. {
  154. DWORD i = 0;
  156. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  157. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_POLNAME, MMPolicy.pszPolicyName );
  158. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SOFTSA, MMPolicy.uSoftExpirationTime);
  160. if(MMPolicy.dwOfferCount>0) //offers are greater than 0, print the header for it
  161. {
  162. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  163. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_COLUMN_HEADING);
  164. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_COLUMN_HEADING_UNDERLINE);
  165. }
  166. for (i = 0; i < MMPolicy.dwOfferCount; i++)
  167. {
  168. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  169. PrintMMOffer(MMPolicy.pOffers[i]);
  171. }
  172. }
  174. ///////////////////////////////////////////////////////////////////////////////////////////
  175. //
  176. //Function: PrintMMOffer
  177. //
  178. //Date of Creation: 9-3-2001
  179. //
  180. //Parameters: IN IPSEC_MM_OFFER MMOffer
  181. //
  182. //Return: VOID
  183. //
  184. //Description: This function displays offer details for each Mainmode Policy.
  185. //
  186. // History :
  187. //
  188. // Date Author Comments
  189. //
  190. //////////////////////////////////////////////////////////////////////////////////////////
  192. VOID
  193. PrintMMOffer(
  194. IN IPSEC_MM_OFFER MMOffer
  195. )
  196. {
  197. //This is to display DH2048 as 3
  198. if(MMOffer.dwDHGroup == DH_GROUP_2048)
  199. {
  200. MMOffer.dwDHGroup = 2048;
  201. }
  202. //Display of Encryption algorithm
  203. switch(MMOffer.EncryptionAlgorithm.uAlgoIdentifier)
  204. {
  205. case 1:
  206. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_ESP_DES_ALGO);
  207. break;
  208. case 2:
  209. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_ESP_UNKNOWN_ALGO);
  210. break;
  211. case 3:
  212. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_ESP_3DES_ALGO);
  213. break;
  214. case 0:
  215. default:
  216. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_ESP_NONE_ALGO);
  217. break;
  219. }
  220. //Display of Hash algorithm
  221. switch(MMOffer.HashingAlgorithm.uAlgoIdentifier)
  222. {
  224. case 1:
  225. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_AH_MD5_ALGO);
  226. break;
  227. case 2:
  228. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_AH_SHA1_ALGO);
  229. break;
  230. case 0:
  231. default:
  232. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_AH_NONE_ALGO);
  233. break;
  235. }
  236. //IF QMPERMM is 1 then 1 (MMPFS) is displayed.
  237. if(MMOffer.dwQuickModeLimit != 1)
  238. {
  239. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_DH_LIFE_QMLIMIT,MMOffer.dwDHGroup, MMOffer.Lifetime.uKeyExpirationKBytes, MMOffer.Lifetime.uKeyExpirationTime, MMOffer.dwQuickModeLimit );
  240. }
  241. else
  242. {
  243. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_DH_LIFE_QMLIMIT_MMPFS,MMOffer.dwDHGroup, MMOffer.Lifetime.uKeyExpirationKBytes, MMOffer.Lifetime.uKeyExpirationTime);
  244. }
  245. }
  247. ///////////////////////////////////////////////////////////////////////////////////////////
  248. //
  249. //Function: ShowQMPolicy
  250. //
  251. //Date of Creation: 9-3-2001
  252. //
  253. //Parameters: IN LPTSTR pszShowPolicyName
  254. //
  255. //Return: DWORD
  256. //
  257. //Description: This function prepares data to display quickmode Policy.
  258. //
  259. // History :
  260. //
  261. // Date Author Comments
  262. //
  263. //////////////////////////////////////////////////////////////////////////////////////////
  265. DWORD
  266. ShowQMPolicy(
  267. IN LPTSTR pszShowPolicyName
  268. )
  269. {
  270. DWORD dwCount = 0; // counting objects here
  271. DWORD dwResumeHandle = 0; // handle for continuation calls
  272. DWORD i=0, j=0;
  273. DWORD dwReturn = ERROR_SUCCESS; // assume success
  274. DWORD dwVersion = 0;
  275. BOOL bNameFin = FALSE;
  276. PIPSEC_QM_POLICY pIPSecQMP = NULL; // for QM policy calls
  278. for (i = 0; ;i+=dwCount)
  279. {
  280. dwReturn = EnumQMPolicies(g_szDynamicMachine, dwVersion, NULL, 0, 0, &pIPSecQMP, &dwCount, &dwResumeHandle, NULL);
  281. //If there is no data Bail out.
  282. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  283. {
  284. if (i == 0)
  285. {
  286. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  287. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMP_6);
  288. //This is to avoid one more error message show up!!
  289. bNameFin = TRUE;
  290. }
  291. dwReturn = ERROR_SUCCESS;
  292. BAIL_OUT;
  293. }
  295. if (dwReturn != ERROR_SUCCESS)
  296. {
  297. BAIL_OUT;
  298. }
  300. if(!(pIPSecQMP && dwCount > 0))
  301. {
  302. BAIL_OUT; // not required to continue.
  303. }
  304. //Show all QMPolicies
  305. if(!pszShowPolicyName)
  306. {
  307. for (j = 0; j < dwCount; j++)
  308. {
  309. PrintFilterAction(pIPSecQMP[j]);
  310. }
  311. }
  312. //Show QMPolicy for the given name
  313. else if(pszShowPolicyName)
  314. {
  315. for (j = 0; j < dwCount; j++)
  316. {
  317. if(_tcsicmp(pIPSecQMP[j].pszPolicyName,pszShowPolicyName) == 0)
  318. {
  319. PrintFilterAction(pIPSecQMP[j]);
  320. bNameFin = TRUE;
  321. BAIL_OUT;
  322. }
  324. }
  325. }
  327. SPDApiBufferFree(pIPSecQMP);
  328. pIPSecQMP=NULL;
  329. }
  331. error:
  332. if(pszShowPolicyName && !bNameFin)
  333. {
  334. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  335. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMP_5);
  336. dwReturn = ERROR_SUCCESS;
  337. }
  339. if(pIPSecQMP)
  340. {
  341. //error path cleanup
  342. SPDApiBufferFree(pIPSecQMP);
  343. pIPSecQMP=NULL;
  344. }
  345. return dwReturn;
  347. }
  349. ///////////////////////////////////////////////////////////////////////////////////////////
  350. //
  351. //Function: PrintFilterAction
  352. //
  353. //Date of Creation: 9-3-2001
  354. //
  355. //Parameters: IN IPSEC_QM_POLICY QMPolicy
  356. //
  357. //Return: VOID
  358. //
  359. //Description: This function displays quickmode Policy name and headers.
  360. //
  361. // History :
  362. //
  363. // Date Author Comments
  364. //
  365. //////////////////////////////////////////////////////////////////////////////////////////
  367. VOID
  368. PrintFilterAction(
  369. IN IPSEC_QM_POLICY QMPolicy
  370. )
  371. {
  372. DWORD i = 0;
  373. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  374. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NEGOTIATION_NAME, QMPolicy.pszPolicyName);
  375. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  377. if(QMPolicy.dwOfferCount>0)
  378. {
  379. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_COLUMN_HEADING);
  380. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_COLUMN_HEADING_UNDERLINE);
  381. }
  383. for (i = 0; i < QMPolicy.dwOfferCount; i++)
  384. {
  385. PrintQMOffer(QMPolicy.pOffers[i]);
  386. }
  387. }
  389. ///////////////////////////////////////////////////////////////////////////////////////////
  390. //
  391. //Function: PrintQMOffer
  392. //
  393. //Date of Creation: 9-3-2001
  394. //
  395. //Parameters: IN IPSEC_QM_OFFER QMOffer
  396. //
  397. //Return: VOID
  398. //
  399. //Description: This function displays quickmode Policy offers.
  400. //
  401. // History :
  402. //
  403. // Date Author Comments
  404. //
  405. //////////////////////////////////////////////////////////////////////////////////////////
  407. VOID
  408. PrintQMOffer(
  409. IN IPSEC_QM_OFFER QMOffer
  410. )
  411. {
  412. DWORD i=0;
  413. DWORD dwFlag = 0;
  414. if(QMOffer.dwNumAlgos > 0)
  415. {
  416. for (i = 0; i < QMOffer.dwNumAlgos; i++)
  417. {
  418. //If the number algos is exactly one (either Authentication or encryption)
  419. //print the Pfs group and lifetime after the algo is printed
  420. if(QMOffer.dwNumAlgos == 1)
  421. dwFlag = 2;
  422. // '+' is required to be printed if both encryption and
  423. // authentication algo are present in an offer
  424. if(dwFlag == 1 )
  425. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_PLUS);
  427. if(QMOffer.Algos[i].Operation == AUTHENTICATION)
  428. {
  430. switch(QMOffer.Algos[i].uAlgoIdentifier)
  431. {
  432. case 1:
  433. if(QMOffer.dwNumAlgos == 1)
  434. {
  435. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_MD5_ALGO);
  436. }
  437. else if(QMOffer.dwNumAlgos == 2)
  438. {
  439. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_MD5);
  440. //Increment the flag for printing lifetime and pfs group
  441. dwFlag++;
  442. }
  443. break;
  444. case 2:
  445. if(QMOffer.dwNumAlgos == 1)
  446. {
  447. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_SHA1_ALGO);
  448. }
  449. else if(QMOffer.dwNumAlgos == 2)
  450. {
  451. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_SHA1);
  452. dwFlag++;
  453. }
  454. break;
  455. case 0:
  456. if(QMOffer.dwNumAlgos == 1)
  457. {
  458. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_NONE_ALGO);
  459. }
  460. else if(QMOffer.dwNumAlgos == 2)
  461. {
  462. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_NONE);
  463. dwFlag++;
  464. }
  465. break;
  466. default:
  467. if(QMOffer.dwNumAlgos == 1)
  468. {
  469. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_ERR_SPACE);
  470. }
  471. else if(QMOffer.dwNumAlgos == 2)
  472. {
  473. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_AH_ERR);
  474. dwFlag++;
  475. }
  476. break;
  477. }
  478. }
  479. else if(QMOffer.Algos[i].Operation == ENCRYPTION)
  480. {
  481. switch(QMOffer.Algos[i].uAlgoIdentifier)
  482. {
  483. case 1:
  484. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ESP_DES_ALGO);
  485. break;
  486. case 2:
  487. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ESP_ERR_ALGO);
  488. break;
  489. case 3:
  490. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ESP_3DES_ALGO);
  491. break;
  492. case 0:
  493. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ESP_NONE_ALGO);
  494. break;
  495. default:
  496. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ESP_ERR_ALGO);
  497. break;
  498. }
  499. switch(QMOffer.Algos[i].uSecAlgoIdentifier)
  500. {
  501. case 1:
  502. if(QMOffer.dwNumAlgos == 1)
  503. {
  504. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_MD5_ALGO);
  505. }
  506. else if(QMOffer.dwNumAlgos == 2)
  507. {
  508. //Increment the flag for printing lifetime and pfs group
  509. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_MD5);
  510. dwFlag++;
  511. }
  512. break;
  513. case 2:
  514. if(QMOffer.dwNumAlgos == 1)
  515. {
  516. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SHA1_ALGO);
  517. }
  518. else if(QMOffer.dwNumAlgos == 2)
  519. {
  520. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SHA1);
  521. dwFlag++;
  522. }
  523. break;
  524. case 0:
  525. if(QMOffer.dwNumAlgos == 1)
  526. {
  527. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NONE_ALGO);
  528. }
  529. else if(QMOffer.dwNumAlgos == 2)
  530. {
  531. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NONE);
  532. dwFlag++;
  533. }
  534. break;
  535. default:
  536. if(QMOffer.dwNumAlgos == 1)
  537. {
  538. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ERR_SPACE);
  539. }
  540. else if(QMOffer.dwNumAlgos == 2)
  541. {
  542. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ERR);
  543. dwFlag++;
  544. }
  545. break;
  546. }
  547. }
  548. else
  549. {
  550. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_ERROR_ALGO);
  551. }
  552. //Print lifetime and pfsgroup only if all the 2 algos are printed with a plus sign
  553. // or printed only if one algo is present in the qmoffer.
  554. if(dwFlag == 2)
  555. {
  556. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_LIFETIME, QMOffer.Lifetime.uKeyExpirationKBytes, QMOffer.Lifetime.uKeyExpirationTime);
  557. if(QMOffer.bPFSRequired)
  558. {
  559. PrintMessageFromModule(g_hModule, QMPFSDHGroup(QMOffer.dwPFSGroup));
  560. }
  561. else
  562. {
  563. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_PFS_NONE);
  564. }
  565. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  566. }
  567. }
  568. }
  570. }
  572. ///////////////////////////////////////////////////////////////////////////////////////////
  573. //
  574. //Function: ShowMMFilters
  575. //
  576. //Date of Creation: 9-3-2001
  577. //
  578. //Parameters: IN LPTSTR pszShowFilterName,
  579. // IN LPTSTR pszShowPolicyName
  580. //
  581. //Return: DWORD
  582. //
  583. //Description: This function displays both generic and specific mainmode filters.
  584. //
  585. // History :
  586. //
  587. // Date Author Comments
  588. //
  589. //////////////////////////////////////////////////////////////////////////////////////////
  591. DWORD
  592. ShowMMFilters(
  593. IN LPTSTR pszShowFilterName,
  594. IN BOOL bType,
  595. IN ADDR SrcAddr,
  596. IN ADDR DstAddr,
  597. IN NshHashTable& addressHash,
  598. IN BOOL bResolveDNS,
  599. IN BOOL bSrcMask,
  600. IN BOOL bDstMask
  601. )
  602. {
  603. DWORD dwReturn = ERROR_SUCCESS;
  604. DWORD dwResumeHandle = 0;
  605. DWORD dwSpecificResumeHandle = 0; // handle for continuation calls
  606. DWORD dwCount = 0; // counting objects here
  607. DWORD dwSpecificCount = 0; // counting objects here
  608. DWORD dwVersion = 0;
  609. GUID gDefaultGUID = {0}; // NULL GUID value
  610. DWORD i=0, j=0, l=0;
  611. DWORD dwTempCnt = 0;
  612. BOOL bNameFin=FALSE;
  613. BOOL bPrint = FALSE;
  614. BOOL bPrintIN = FALSE;
  615. PIPSEC_MM_POLICY pMMPolicy = NULL;
  616. PMM_FILTER pMMFilter = NULL;
  617. PMM_FILTER pSpecificMMFilter = NULL;
  618. //Print generic filters
  619. if(bType)
  620. {
  622. for (i = 0; ;i+=dwCount)
  623. {
  624. dwReturn = EnumMMFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0, &pMMFilter, &dwCount, &dwResumeHandle, NULL);
  626. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  627. {
  628. dwReturn = ERROR_SUCCESS;
  629. break;
  630. }
  631. if (dwReturn != ERROR_SUCCESS)
  632. {
  633. BAIL_OUT;
  634. }
  636. if(!(pMMFilter && dwCount > 0))
  637. {
  638. BAIL_OUT; // not required to continue.
  639. }
  641. for (j = 0; j < dwCount; j++)
  642. {
  643. //Get the corresponding MMPolicy associated with the filter.
  644. dwReturn = GetMMPolicyByID(g_szDynamicMachine, dwVersion, pMMFilter[j].gPolicyID, &pMMPolicy, NULL);
  645. if(dwReturn != ERROR_SUCCESS)
  646. {
  647. BAIL_OUT;
  648. }
  649. //Check for the user given parameters. If exists prints the corresponding record
  650. //otherwise continues for next iteration
  651. dwReturn = CheckMMFilter(pMMFilter[j], SrcAddr, DstAddr, bDstMask, bSrcMask, pszShowFilterName);
  652. if(dwReturn == ERROR_SUCCESS)
  653. {
  654. if(!bPrint)
  655. {
  656. //If it is first time print the header.
  657. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SUB_HEADING);
  658. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_GENERIC_HEADING);
  659. bPrint = TRUE;
  660. }
  661. //Print the filter data.
  662. dwReturn = PrintMainmodeFilter(pMMFilter[j], pMMPolicy[0], addressHash, bResolveDNS, bType);
  663. dwTempCnt++;
  664. bNameFin = TRUE;
  665. }
  667. SPDApiBufferFree(pMMPolicy);
  668. pMMPolicy = NULL;
  669. }
  670. SPDApiBufferFree(pMMFilter);
  671. pMMFilter = NULL;
  673. }
  675. if(dwTempCnt > 0)
  676. {
  677. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_GENERIC_FILTERS, dwTempCnt);
  678. }
  680. }
  681. //Print specific filters
  682. else if(!bType)
  683. {
  684. for (i = 0; ;i+=dwSpecificCount)
  685. {
  686. dwReturn = EnumMMFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS, gDefaultGUID, 0, &pSpecificMMFilter, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  687. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  688. {
  689. dwReturn = ERROR_SUCCESS;
  690. break;
  691. }
  693. if (dwReturn != ERROR_SUCCESS)
  694. {
  695. BAIL_OUT;
  696. }
  698. if(!(pSpecificMMFilter && dwSpecificCount > 0))
  699. {
  700. BAIL_OUT; // not required to continue.
  701. }
  703. for (l = 0; l < dwSpecificCount; l++)
  704. {
  705. //Get the corresponding MMPolicy associated with the filter.
  706. dwReturn = GetMMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificMMFilter[l].gPolicyID, &pMMPolicy, NULL);
  707. if(dwReturn!=ERROR_SUCCESS)
  708. {
  709. BAIL_OUT;
  710. }
  711. //First print all specific outbound filters.
  712. if(pSpecificMMFilter[l].dwDirection == FILTER_DIRECTION_OUTBOUND)
  713. {
  714. //Check for the user given parameters. If exists prints the corresponding record
  715. //otherwise continues for next iteration
  716. dwReturn = CheckMMFilter(pSpecificMMFilter[l], SrcAddr, DstAddr, bDstMask, bSrcMask, pszShowFilterName);
  717. if(dwReturn == ERROR_SUCCESS)
  718. {
  719. if(!bPrint)
  720. {
  721. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SUB_HEADING);
  722. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  723. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OUTBOUND_HEADING);
  724. bPrint = TRUE;
  725. }
  726. //Print the filter data.
  727. dwReturn = PrintMainmodeFilter(pSpecificMMFilter[l], pMMPolicy[0], addressHash, bResolveDNS, bType);
  728. dwTempCnt++;
  729. bNameFin = TRUE;
  730. }
  732. SPDApiBufferFree(pMMPolicy);
  733. pMMPolicy = NULL;
  734. }
  735. }
  737. SPDApiBufferFree(pSpecificMMFilter);
  738. pSpecificMMFilter = NULL;
  740. }
  741. if(dwTempCnt > 0)
  742. {
  743. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_OUTBOUND, dwTempCnt);
  744. }
  746. dwSpecificCount = 0;
  747. dwSpecificResumeHandle = 0;
  748. pSpecificMMFilter = NULL;
  749. dwTempCnt = 0;
  751. for (i = 0; ;i+=dwSpecificCount)
  752. {
  753. dwReturn = EnumMMFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS, gDefaultGUID, 0, &pSpecificMMFilter, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  754. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  755. {
  756. dwReturn = ERROR_SUCCESS;
  757. break;
  758. }
  760. if (dwReturn != ERROR_SUCCESS)
  761. {
  762. BAIL_OUT;
  763. }
  765. if(!(pSpecificMMFilter && dwSpecificCount > 0))
  766. {
  767. BAIL_OUT; // not required to continue.
  768. }
  770. for (l = 0; l < dwSpecificCount; l++)
  771. {
  772. //Get the corresponding MMPolicy associated with the filter.
  773. dwReturn = GetMMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificMMFilter[l].gPolicyID, &pMMPolicy, NULL);
  774. if(dwReturn!=ERROR_SUCCESS)
  775. {
  776. BAIL_OUT;
  777. }
  778. //Then print all the specific inbound filters
  779. if(pSpecificMMFilter[l].dwDirection == FILTER_DIRECTION_INBOUND)
  780. {
  781. //Check for the user given parameters. If exists prints the corresponding record
  782. //otherwise continues for next iteration
  783. dwReturn = CheckMMFilter(pSpecificMMFilter[l],SrcAddr, DstAddr, bDstMask, bSrcMask, pszShowFilterName);
  785. if(dwReturn == ERROR_SUCCESS)
  786. {
  787. if(!bPrintIN)
  788. {
  789. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  790. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  791. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SUB_HEADING);
  792. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  793. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_INBOUND_HEADING);
  794. bPrintIN = TRUE;
  796. }
  797. //Print the filter data.
  798. dwReturn = PrintMainmodeFilter(pSpecificMMFilter[l], pMMPolicy[0], addressHash, bResolveDNS, bType);
  799. dwTempCnt++;
  800. bNameFin = TRUE;
  801. }
  803. SPDApiBufferFree(pMMPolicy);
  804. pMMPolicy = NULL;
  805. }
  806. }
  807. SPDApiBufferFree(pSpecificMMFilter);
  808. pSpecificMMFilter = NULL;
  809. }
  810. //print number of filters
  811. if(dwTempCnt > 0)
  812. {
  813. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_INBOUND, dwTempCnt);
  814. }
  815. }
  817. error:
  818. if(!bNameFin)
  819. {
  820. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  821. if(pszShowFilterName)
  822. {
  823. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMF_8);
  824. }
  825. else
  826. {
  827. if(bType)
  828. {
  829. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMF_6);
  830. }
  831. else
  832. {
  833. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMF_7);
  834. }
  835. }
  836. dwReturn = ERROR_SUCCESS;
  837. }
  838. // error path clean up
  839. if(pMMPolicy)
  840. {
  841. SPDApiBufferFree(pMMPolicy);
  842. pMMPolicy = NULL;
  843. }
  845. if(pMMFilter)
  846. {
  847. SPDApiBufferFree(pMMFilter);
  848. pMMFilter = NULL;
  849. }
  851. if(pSpecificMMFilter)
  852. {
  853. SPDApiBufferFree(pSpecificMMFilter);
  854. pSpecificMMFilter = NULL;
  855. }
  857. return dwReturn;
  858. }
  861. ///////////////////////////////////////////////////////////////////////////////////////////
  862. //
  863. //Function: CheckMMFilter
  864. //
  865. //Date of Creation: 11-21-2001
  866. //
  867. //Parameters: IN MM_FILTER MMFltr,
  868. // IN ADDR SrcAddr,
  869. // IN ADDR DstAddr,
  870. // IN BOOL bDstMask,
  871. // IN BOOL bSrcMask,
  872. // IN LPWSTR pszShowFilterName
  873. //
  874. //Return: DWORD
  875. //
  876. //Description: This function prepares data for displaying mainmode filter
  877. // and validates the input.
  878. //
  879. //
  880. // History :
  881. //
  882. // Date Author Comments
  883. //
  884. //////////////////////////////////////////////////////////////////////////////////////////
  886. DWORD
  887. CheckMMFilter(
  888. IN MM_FILTER MMFltr,
  889. IN ADDR SrcAddr,
  890. IN ADDR DstAddr,
  891. IN BOOL bDstMask,
  892. IN BOOL bSrcMask,
  893. IN LPWSTR pszShowFilterName)
  894. {
  896. DWORD dwReturn = ERROR_SUCCESS;
  898. while(1)
  899. {
  900. //Validates user given input for Source address
  901. switch(SrcAddr.AddrType)
  902. {
  903. case IP_ADDR_WINS_SERVER:
  904. case IP_ADDR_DHCP_SERVER:
  905. case IP_ADDR_DNS_SERVER:
  906. case IP_ADDR_DEFAULT_GATEWAY:
  907. if(MMFltr.SrcAddr.AddrType != SrcAddr.AddrType)
  908. {
  909. dwReturn = ERROR_NO_DISPLAY;
  910. BAIL_OUT;
  911. }
  912. break;
  913. default:
  914. if(SrcAddr.uIpAddr != 0xFFFFFFFF)
  915. {
  916. if(MMFltr.SrcAddr.uIpAddr != SrcAddr.uIpAddr)
  917. {
  918. dwReturn = ERROR_NO_DISPLAY;
  919. BAIL_OUT;
  920. }
  921. }
  922. break;
  923. }
  924. //Validates user given input for Destination address
  925. switch(DstAddr.AddrType)
  926. {
  927. case IP_ADDR_WINS_SERVER:
  928. case IP_ADDR_DHCP_SERVER:
  929. case IP_ADDR_DNS_SERVER:
  930. case IP_ADDR_DEFAULT_GATEWAY:
  931. if(MMFltr.DesAddr.AddrType != DstAddr.AddrType)
  932. {
  933. dwReturn = ERROR_NO_DISPLAY;
  934. BAIL_OUT;
  935. }
  936. break;
  937. default:
  938. if(DstAddr.uIpAddr != 0xFFFFFFFF)
  939. {
  940. if(MMFltr.DesAddr.uIpAddr != DstAddr.uIpAddr)
  941. {
  942. dwReturn = ERROR_NO_DISPLAY;
  943. BAIL_OUT;
  944. }
  945. }
  946. break;
  947. }
  948. //Validates user given input for Destination mask
  949. if(bDstMask)
  950. {
  951. if(MMFltr.DesAddr.uSubNetMask != DstAddr.uSubNetMask)
  952. {
  953. dwReturn = ERROR_NO_DISPLAY;
  954. BAIL_OUT;
  955. }
  956. }
  957. //Validates user given input for Source mask
  958. if(bSrcMask)
  959. {
  960. if(MMFltr.SrcAddr.uSubNetMask != SrcAddr.uSubNetMask)
  961. {
  962. dwReturn = ERROR_NO_DISPLAY;
  963. BAIL_OUT;
  964. }
  965. }
  966. //Validates user given input for Filter name
  967. if(pszShowFilterName!=NULL)
  968. {
  969. if(_tcsicmp(MMFltr.pszFilterName, pszShowFilterName) != 0)
  970. {
  971. dwReturn = ERROR_NO_DISPLAY;
  972. BAIL_OUT;
  973. }
  974. }
  976. //everything fine... all matched
  977. BAIL_OUT;
  978. }
  980. error:
  981. return dwReturn;
  983. }
  985. ///////////////////////////////////////////////////////////////////////////////////////////
  986. //
  987. //Function: PrintMainmodeFilter
  988. //
  989. //Date of Creation: 9-3-2001
  990. //
  991. //Parameters: IN MM_FILTER MMFltr
  992. // IN NshHashTable& addressHash
  993. //
  994. //Return: DWORD
  995. //
  996. //Description: This function displays quickmode Policy in verbose.
  997. //
  998. //
  999. // History :
  1000. //
  1001. // Date Author Comments
  1002. //
  1003. //////////////////////////////////////////////////////////////////////////////////////////
  1005. DWORD
  1006. PrintMainmodeFilter(
  1007. IN MM_FILTER MMFltr,
  1008. IN IPSEC_MM_POLICY MMPol,
  1009. IN NshHashTable& addressHash,
  1010. IN BOOL bResolveDNS,
  1011. IN BOOL bType
  1012. )
  1013. {
  1014. DWORD dwReturn = ERROR_SUCCESS;
  1015. DWORD i = 0;
  1016. DWORD dwVersion = 0;
  1017. LPTSTR pszCertStr = NULL;
  1019. PINT_MM_AUTH_METHODS pIntMMAuth = NULL;
  1020. PMM_AUTH_METHODS pMMAM = NULL;
  1022. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1023. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  1025. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NAME, MMFltr.pszFilterName);
  1027. //Print Weight
  1028. if(!bType)
  1029. {
  1030. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_FILTER_WEIGHT, MMFltr.dwWeight);
  1031. }
  1033. //Print Connection Type
  1034. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_HEADING);
  1035. switch(MMFltr.InterfaceType)
  1036. {
  1037. case INTERFACE_TYPE_ALL:
  1038. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_ALL);
  1039. break;
  1040. case INTERFACE_TYPE_LAN:
  1041. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_LAN);
  1042. break;
  1043. case INTERFACE_TYPE_DIALUP:
  1044. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_DIALUP);
  1045. break;
  1046. default:
  1047. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_UNKNOWN);
  1048. break;
  1049. }
  1050. //Print Source Address
  1051. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  1052. PrintAddr(MMFltr.SrcAddr, addressHash, bResolveDNS);
  1053. if(!bResolveDNS)
  1054. {
  1055. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  1056. PrintMask(MMFltr.SrcAddr);
  1057. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  1058. }
  1060. //Print Destination Address
  1061. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  1062. PrintAddr(MMFltr.DesAddr, addressHash, bResolveDNS);
  1063. if(!bResolveDNS)
  1064. {
  1065. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  1066. PrintMask(MMFltr.DesAddr);
  1067. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  1068. }
  1069. //Print Authentication Methods.
  1070. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_AUTH_HEADING);
  1072. dwReturn = GetMMAuthMethods(g_szDynamicMachine, dwVersion, MMFltr.gMMAuthID, &pMMAM, NULL);
  1073. if (dwReturn != ERROR_SUCCESS)
  1074. {
  1075. BAIL_OUT;
  1076. }
  1077. //This is conversion from old structure to the new structure.
  1078. dwReturn = ConvertExtMMAuthToInt(pMMAM, &pIntMMAuth);
  1080. if (dwReturn != ERROR_SUCCESS)
  1081. {
  1082. BAIL_OUT;
  1083. }
  1085. for (i = 0; i < pIntMMAuth[0].dwNumAuthInfos; i++)
  1086. {
  1087. switch(pIntMMAuth[0].pAuthenticationInfo[i].AuthMethod)
  1088. {
  1089. case IKE_PRESHARED_KEY:
  1090. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_PRE_KEY_HEADING);
  1091. break;
  1092. case IKE_DSS_SIGNATURE:
  1093. case IKE_RSA_SIGNATURE:
  1094. case IKE_RSA_ENCRYPTION:
  1095. dwReturn = DecodeCertificateName(pIntMMAuth[0].pAuthenticationInfo[i].pAuthInfo, pIntMMAuth[0].pAuthenticationInfo[i].dwAuthInfoSize, &pszCertStr);
  1096. if (dwReturn != ERROR_SUCCESS)
  1097. {
  1098. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNKNOWN_CERT);
  1099. }
  1100. else
  1101. {
  1102. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NEWLINE_TAB);
  1103. if (pszCertStr)
  1104. {
  1105. DisplayCertInfo(pszCertStr, pIntMMAuth->pAuthenticationInfo[i].dwAuthFlags);
  1106. delete [] pszCertStr;
  1107. pszCertStr = NULL;
  1108. }
  1109. }
  1111. break;
  1112. case IKE_SSPI:
  1113. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_KERB);
  1114. break;
  1115. default:
  1116. break;
  1117. }
  1118. }
  1120. error:
  1121. //Print Security Methods
  1122. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SEC_METHOD_HEADING);
  1123. // Count
  1124. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_CNT,MMPol.dwOfferCount);
  1126. if(IsDefaultMMOffers(MMPol))
  1127. {
  1128. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_DEFAULT_OFFER);
  1129. }
  1131. for (i = 0; i < MMPol.dwOfferCount; i++)
  1132. {
  1133. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1134. PrintMMFilterOffer(MMPol.pOffers[i]);
  1135. }
  1136. //error path clean up
  1137. if(pMMAM)
  1138. {
  1139. SPDApiBufferFree(pMMAM);
  1140. pMMAM = NULL;
  1141. }
  1143. if(pIntMMAuth)
  1144. {
  1145. SPDApiBufferFree(pIntMMAuth);
  1146. pIntMMAuth = NULL;
  1147. }
  1149. return dwReturn;
  1150. }
  1152. ///////////////////////////////////////////////////////////////////////////////////////////
  1153. //
  1154. //Function: IsDefaultMMOffers
  1155. //
  1156. //Date of Creation: 11-21-2001
  1157. //
  1158. //Parameters: IN IPSEC_MM_POLICY MMPol
  1159. //
  1160. //Return: BOOL
  1161. //
  1162. //Description: This function checks for default MM offers
  1163. //
  1164. // Date Author Comments
  1165. //
  1166. //////////////////////////////////////////////////////////////////////////////////////////
  1167. BOOL
  1168. IsDefaultMMOffers(
  1169. IN IPSEC_MM_POLICY MMPol
  1170. )
  1171. {
  1172. BOOL bDefaultOffer = FALSE;
  1174. if(MMPol.dwOfferCount == 3)
  1175. {
  1176. if((MMPol.pOffers[0].EncryptionAlgorithm.uAlgoIdentifier == CONF_ALGO_3_DES)
  1177. &&(MMPol.pOffers[0].HashingAlgorithm.uAlgoIdentifier == AUTH_ALGO_SHA1)
  1178. &&(MMPol.pOffers[0].dwDHGroup == POTF_OAKLEY_GROUP2)
  1179. &&(MMPol.pOffers[1].EncryptionAlgorithm.uAlgoIdentifier == CONF_ALGO_3_DES)
  1180. &&(MMPol.pOffers[1].HashingAlgorithm.uAlgoIdentifier == AUTH_ALGO_MD5)
  1181. &&(MMPol.pOffers[1].dwDHGroup == POTF_OAKLEY_GROUP2)
  1182. &&(MMPol.pOffers[2].EncryptionAlgorithm.uAlgoIdentifier == CONF_ALGO_3_DES)
  1183. &&(MMPol.pOffers[2].HashingAlgorithm.uAlgoIdentifier == AUTH_ALGO_SHA1)
  1184. &&(MMPol.pOffers[2].dwDHGroup == POTF_OAKLEY_GROUP2048))
  1185. {
  1186. bDefaultOffer=TRUE;
  1187. }
  1188. }
  1190. return bDefaultOffer;
  1191. }
  1193. ///////////////////////////////////////////////////////////////////////////////////////////
  1194. //
  1195. //Function: PrintMMFilterOffer
  1196. //
  1197. //Date of Creation: 11-21-2001
  1198. //
  1199. //Parameters: IN IPSEC_MM_OFFER MMOffer
  1200. //
  1201. //Return: VOID
  1202. //
  1203. //Description: This function prints MM offers
  1204. //
  1205. // Date Author Comments
  1206. //
  1207. //////////////////////////////////////////////////////////////////////////////////////////
  1209. VOID
  1210. PrintMMFilterOffer(
  1211. IN IPSEC_MM_OFFER MMOffer
  1212. )
  1213. {
  1214. //This is to display DH2048 as 3
  1215. if(MMOffer.dwDHGroup == DH_GROUP_2048)
  1216. {
  1217. MMOffer.dwDHGroup = 3;
  1218. }
  1219. //Print Encryption algorithm
  1220. switch(MMOffer.EncryptionAlgorithm.uAlgoIdentifier)
  1221. {
  1222. case 1:
  1223. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_DES_ALGO);
  1224. break;
  1225. case 2:
  1226. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_UNKNOWN_ALGO);
  1227. break;
  1228. case 3:
  1229. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_3DES_ALGO);
  1230. break;
  1231. case 0:
  1232. default:
  1233. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_NONE_ALGO);
  1234. break;
  1235. }
  1236. //Print Hash algorithm
  1237. switch(MMOffer.HashingAlgorithm.uAlgoIdentifier)
  1238. {
  1240. case 1:
  1241. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_MD5_ALGO);
  1242. break;
  1243. case 2:
  1244. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_SHA1_ALGO);
  1245. break;
  1246. case 0:
  1247. default:
  1248. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_AH_NONE_ALGO);
  1249. break;
  1251. }
  1252. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_DH_QMLIMIT,MMOffer.dwDHGroup, MMOffer.Lifetime.uKeyExpirationTime, MMOffer.dwQuickModeLimit );
  1253. }
  1255. ///////////////////////////////////////////////////////////////////////////////////////////
  1256. //
  1257. //Function: ShowQMFilters
  1258. //
  1259. //Date of Creation: 11-21-2001
  1260. //
  1261. //Parameters: IN LPTSTR pszShowFilterName,
  1262. // IN LPTSTR pszShowPolicyName
  1263. //
  1264. //Return: DWORD
  1265. //
  1266. //Description: This function prepares data for displaying quick mode filters.
  1267. //
  1268. // Date Author Comments
  1269. //
  1270. //////////////////////////////////////////////////////////////////////////////////////////
  1272. DWORD
  1273. ShowQMFilters(
  1274. IN LPTSTR pszShowFilterName,
  1275. IN BOOL bType,
  1276. IN ADDR SrcAddr,
  1277. IN ADDR DstAddr,
  1278. IN NshHashTable& addressHash,
  1279. IN BOOL bResolveDNS,
  1280. IN BOOL bSrcMask,
  1281. IN BOOL bDstMask,
  1282. IN QM_FILTER_VALUE_BOOL QMBoolValue
  1283. )
  1284. {
  1285. DWORD dwReturn = ERROR_SUCCESS;
  1286. DWORD dwResumeHandle = 0; // handle for continuation calls
  1287. DWORD dwSpecificResumeHandle = 0; // handle for continuation calls
  1288. DWORD dwCount = 0; // counting objects here
  1289. DWORD dwSpecificCount = 0;
  1290. DWORD dwActionFlag = 0;
  1291. GUID gDefaultGUID = {0}; // NULL GUID value
  1292. DWORD i=0, j=0, l=0;
  1293. DWORD dwVersion = 0;
  1294. BOOL bNameFin = FALSE;
  1295. DWORD dwTempCnt = 0;
  1296. LPWSTR pszQMName = NULL;
  1297. BOOL bPrint = FALSE;
  1298. BOOL bPrintIN = FALSE;
  1299. PIPSEC_QM_POLICY pQMPolicy = NULL;
  1300. PTRANSPORT_FILTER pTransF = NULL;
  1301. PTRANSPORT_FILTER pSpecificTransF = NULL;
  1302. //Print generic filters
  1303. if(bType)
  1304. {
  1305. for (i = 0; ;i+=dwCount)
  1306. {
  1307. dwReturn = EnumTransportFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS,
  1308. gDefaultGUID, 0, &pTransF, &dwCount, &dwResumeHandle, NULL);
  1310. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  1311. {
  1312. dwReturn = ERROR_SUCCESS;
  1313. break;
  1314. }
  1316. if (dwReturn != ERROR_SUCCESS)
  1317. {
  1318. BAIL_OUT;
  1319. }
  1321. if(!(pTransF && dwCount > 0))
  1322. {
  1323. BAIL_OUT; // not required to continue.
  1324. }
  1326. for (j = 0; j < dwCount; j++)
  1327. {
  1328. //Get the corresponding QMPolicy for the Transport filter
  1329. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pTransF[j].gPolicyID, 0, &pQMPolicy, NULL);
  1330. if(dwReturn == ERROR_SUCCESS)
  1331. {
  1332. pszQMName = pQMPolicy[0].pszPolicyName;
  1333. }
  1334. else
  1335. {
  1336. //If there is no corresponding filter NULL is passed to the function,
  1337. //so that it is not printed.
  1338. pszQMName = NULL;
  1339. dwReturn = ERROR_SUCCESS;
  1340. }
  1341. //To print inbound and outbound action
  1342. dwActionFlag = 0;
  1344. //Check for the user given parameters. If exists prints the corresponding record
  1345. //otherwise continues for next iteration
  1346. dwReturn = CheckQMFilter(pTransF[j], SrcAddr, DstAddr,
  1347. bDstMask, bSrcMask, QMBoolValue,
  1348. pszShowFilterName);
  1349. if(dwReturn == ERROR_SUCCESS )
  1350. {
  1351. if(!bPrint)
  1352. {
  1353. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TRANSPORT_HEADING);
  1354. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_GENERIC_HEADING);
  1355. bPrint = TRUE;
  1356. }
  1357. bNameFin = TRUE;
  1358. dwTempCnt++;
  1359. //Print the transport filter
  1360. dwReturn = PrintQuickmodeFilter(pTransF[j], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1361. }
  1363. if(pQMPolicy)
  1364. {
  1365. SPDApiBufferFree(pQMPolicy);
  1366. pQMPolicy = NULL;
  1367. }
  1368. }
  1369. SPDApiBufferFree(pTransF);
  1370. pTransF = NULL;
  1371. }
  1372. if(dwTempCnt > 0)
  1373. {
  1374. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_GENERIC_FILTERS, dwTempCnt);
  1375. }
  1376. }
  1377. //Print specific filters
  1378. else if(!bType)
  1379. {
  1380. for (i = 0; ;i+=dwSpecificCount)
  1381. {
  1382. dwReturn = EnumTransportFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS,
  1383. gDefaultGUID, 0, &pSpecificTransF, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  1384. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  1385. {
  1386. dwReturn = ERROR_SUCCESS;
  1387. break;
  1388. }
  1390. if (dwReturn != ERROR_SUCCESS)
  1391. {
  1392. BAIL_OUT;
  1393. }
  1395. if(!(pSpecificTransF && dwSpecificCount > 0))
  1396. {
  1397. BAIL_OUT; // not required to continue.
  1398. }
  1400. for (l = 0; l < dwSpecificCount; l++)
  1401. {
  1402. //get the corresponding QMPolicy
  1403. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificTransF[l].gPolicyID, 0, &pQMPolicy, NULL);
  1404. if(dwReturn==ERROR_SUCCESS)
  1405. {
  1406. pszQMName = pQMPolicy[0].pszPolicyName;
  1407. }
  1408. else
  1409. {
  1410. //If there is no corresponding policy pass NULL, so that it is not displayed.
  1411. pszQMName = NULL;
  1412. dwReturn = ERROR_SUCCESS;
  1413. }
  1414. //print outbound filters
  1415. if(pSpecificTransF[l].dwDirection == FILTER_DIRECTION_OUTBOUND)
  1416. {
  1417. dwActionFlag = 1;
  1418. //validate user input parameters.
  1419. dwReturn = CheckQMFilter(pSpecificTransF[l], SrcAddr, DstAddr,
  1420. bDstMask, bSrcMask,QMBoolValue,
  1421. pszShowFilterName);
  1422. if(dwReturn==ERROR_SUCCESS)
  1423. {
  1424. if(!bPrint)
  1425. {
  1426. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TRANSPORT_HEADING);
  1427. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  1428. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OUTBOUND_HEADING);
  1429. bPrint = TRUE;
  1430. }
  1431. dwTempCnt++;
  1432. bNameFin = TRUE;
  1433. //print specific filters
  1434. dwReturn = PrintQuickmodeFilter(pSpecificTransF[l], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1435. }
  1436. if(pQMPolicy)
  1437. {
  1438. SPDApiBufferFree(pQMPolicy);
  1439. pQMPolicy = NULL;
  1440. }
  1441. }
  1442. }
  1444. SPDApiBufferFree(pSpecificTransF);
  1445. pSpecificTransF = NULL;
  1446. }
  1447. //print number of filters
  1448. if(dwTempCnt > 0)
  1449. {
  1450. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_OUTBOUND, dwTempCnt);
  1451. }
  1453. dwTempCnt = 0;
  1454. dwSpecificCount = 0;
  1455. dwSpecificResumeHandle = 0;
  1456. pSpecificTransF = NULL;
  1458. for (i = 0; ;i+=dwSpecificCount)
  1459. {
  1460. dwReturn = EnumTransportFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS, gDefaultGUID, 0, &pSpecificTransF, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  1461. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  1462. {
  1463. dwReturn = ERROR_SUCCESS;
  1464. break;
  1465. }
  1467. if (dwReturn != ERROR_SUCCESS)
  1468. {
  1469. BAIL_OUT;
  1470. }
  1472. if(!(pSpecificTransF && dwSpecificCount > 0))
  1473. {
  1474. BAIL_OUT; // not required to continue.
  1475. }
  1478. for (l = 0; l < dwSpecificCount; l++)
  1479. {
  1480. //get the corresponding QMPolicy
  1481. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificTransF[l].gPolicyID, 0, &pQMPolicy, NULL);
  1482. if(dwReturn==ERROR_SUCCESS)
  1483. {
  1484. pszQMName = pQMPolicy[0].pszPolicyName;
  1485. }
  1486. else
  1487. {
  1488. //if there is no corresponding policy pass NULL, so that it is not printed.
  1489. pszQMName = NULL;
  1490. dwReturn = ERROR_SUCCESS;
  1491. }
  1492. //Print inbound filters
  1493. if(pSpecificTransF[l].dwDirection == FILTER_DIRECTION_INBOUND)
  1494. {
  1495. //To print inbound and outbound filteraction
  1496. dwActionFlag = 2;
  1498. //validate user input data
  1499. dwReturn = CheckQMFilter(pSpecificTransF[l], SrcAddr, DstAddr,
  1500. bDstMask, bSrcMask,QMBoolValue,
  1501. pszShowFilterName);
  1502. if(dwReturn==ERROR_SUCCESS)
  1503. {
  1504. if(!bPrintIN)
  1505. {
  1506. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1507. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1508. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TRANSPORT_HEADING);
  1509. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  1510. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_INBOUND_HEADING);
  1511. bPrintIN = TRUE;
  1512. }
  1513. dwTempCnt++;
  1514. bNameFin = TRUE;
  1515. //print specific filter data
  1516. dwReturn = PrintQuickmodeFilter(pSpecificTransF[l], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1517. }
  1519. if(pQMPolicy)
  1520. {
  1521. SPDApiBufferFree(pQMPolicy);
  1522. pQMPolicy = NULL;
  1523. }
  1524. }
  1525. }
  1527. SPDApiBufferFree(pSpecificTransF);
  1528. pSpecificTransF = NULL;
  1529. }
  1530. //print number of filters
  1531. if(dwTempCnt > 0)
  1532. {
  1533. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_INBOUND, dwTempCnt);
  1534. }
  1535. }
  1537. error:
  1538. //even if there is no transport filters, tunnel can be shown
  1540. dwReturn = ShowTunnelFilters(pszShowFilterName, bType, SrcAddr, DstAddr, addressHash,
  1541. bResolveDNS, bSrcMask, bDstMask, QMBoolValue, bNameFin);
  1543. if(!bNameFin)
  1544. {
  1545. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1546. if(pszShowFilterName)
  1547. {
  1548. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMF_8);
  1549. }
  1550. else
  1551. {
  1552. if(bType)
  1553. {
  1554. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMF_6);
  1555. }
  1556. else
  1557. {
  1558. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMF_7);
  1559. }
  1560. }
  1561. dwReturn = ERROR_SUCCESS;
  1562. }
  1563. //error path clean up
  1564. if(pQMPolicy)
  1565. {
  1566. SPDApiBufferFree(pQMPolicy);
  1567. pQMPolicy = NULL;
  1568. }
  1570. if(pTransF)
  1571. {
  1572. SPDApiBufferFree(pTransF);
  1573. pTransF = NULL;
  1574. }
  1576. if(pSpecificTransF)
  1577. {
  1578. SPDApiBufferFree(pSpecificTransF);
  1579. pSpecificTransF = NULL;
  1580. }
  1582. return dwReturn;
  1583. }
  1586. ///////////////////////////////////////////////////////////////////////////////////////////
  1587. //
  1588. //Function: ShowTunnelFilters
  1589. //
  1590. //Date of Creation: 11-21-2001
  1591. //
  1592. //Parameters: IN LPTSTR pszShowFilterName,
  1593. // IN BOOL bType,
  1594. // IN ADDR SrcAddr,
  1595. // IN ADDR DstAddr,
  1596. // IN NshHashTable& addressHash,
  1597. // IN BOOL bResolveDNS,
  1598. // IN BOOL bSrcMask,
  1599. // IN BOOL bDstMask,
  1600. // IN QM_FILTER_VALUE_BOOL QMBoolValue,
  1601. // IN OUT BOOL& bNameFin
  1602. //
  1603. //
  1604. //Return: DWORD
  1605. //
  1606. //Description: This function prepares data for displaying Tunnel filters.
  1607. //
  1608. // Date Author Comments
  1609. //
  1610. //////////////////////////////////////////////////////////////////////////////////////////
  1611. DWORD
  1612. ShowTunnelFilters(
  1613. IN LPTSTR pszShowFilterName,
  1614. IN BOOL bType,
  1615. IN ADDR SrcAddr,
  1616. IN ADDR DstAddr,
  1617. IN NshHashTable& addressHash,
  1618. IN BOOL bResolveDNS,
  1619. IN BOOL bSrcMask,
  1620. IN BOOL bDstMask,
  1621. IN QM_FILTER_VALUE_BOOL QMBoolValue,
  1622. IN OUT BOOL& bNameFin
  1623. )
  1624. {
  1625. DWORD dwReturn = ERROR_SUCCESS;
  1626. DWORD dwResumeHandle = 0; // handle for continuation calls
  1627. DWORD dwSpecificResumeHandle = 0; // handle for continuation calls
  1628. DWORD dwCount = 0; // counting objects here
  1629. DWORD dwSpecificCount = 0;
  1630. GUID gDefaultGUID = {0}; // NULL GUID value
  1631. DWORD i=0, j=0, l=0;
  1632. DWORD dwVersion = 0;
  1633. DWORD dwTempCnt = 0;
  1634. LPWSTR pszQMName = NULL;
  1635. BOOL bPrint = FALSE;
  1636. BOOL bPrintIN = FALSE;
  1638. PIPSEC_QM_POLICY pQMPolicy = NULL;
  1639. PTUNNEL_FILTER pTunnelF = NULL;
  1640. PTUNNEL_FILTER pSpecificTunnelF = NULL;
  1642. DWORD dwActionFlag = 0;
  1643. //print generic filters
  1644. if(bType)
  1645. {
  1646. for (i = 0; ;i+=dwCount)
  1647. {
  1648. dwReturn = EnumTunnelFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0, &pTunnelF, &dwCount, &dwResumeHandle, NULL);
  1650. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  1651. {
  1652. dwReturn = ERROR_SUCCESS;
  1653. break;
  1654. }
  1656. if (dwReturn != ERROR_SUCCESS)
  1657. {
  1658. BAIL_OUT;
  1659. }
  1661. if(!(pTunnelF && dwCount > 0))
  1662. {
  1663. BAIL_OUT; // not required to continue.
  1664. }
  1666. for (j = 0; j < dwCount; j++)
  1667. {
  1668. //get the corresponding QMPolicy
  1669. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pTunnelF[j].gPolicyID, 0, &pQMPolicy, NULL);
  1670. if(dwReturn == ERROR_SUCCESS)
  1671. {
  1672. pszQMName = pQMPolicy[0].pszPolicyName;
  1673. }
  1674. else
  1675. {
  1676. //if there is no policy pass NULL, for not printing the policy
  1677. pszQMName = NULL;
  1678. dwReturn = ERROR_SUCCESS;
  1679. }
  1680. dwActionFlag = 0;
  1681. //validate the user input data.
  1682. dwReturn = CheckQMFilter(pTunnelF[j], SrcAddr, DstAddr,
  1683. bDstMask, bSrcMask, QMBoolValue,
  1684. pszShowFilterName);
  1685. if(dwReturn == ERROR_SUCCESS )
  1686. {
  1687. if(!bPrint)
  1688. {
  1689. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_HEADING);
  1690. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_GENERIC_HEADING);
  1691. bPrint = TRUE;
  1692. }
  1693. bNameFin = TRUE;
  1694. dwTempCnt++;
  1695. //print the filter data
  1696. dwReturn = PrintQuickmodeFilter(pTunnelF[j], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1697. }
  1699. if(pQMPolicy)
  1700. {
  1701. SPDApiBufferFree(pQMPolicy);
  1702. pQMPolicy = NULL;
  1703. }
  1704. }
  1706. SPDApiBufferFree(pTunnelF);
  1707. pTunnelF = NULL;
  1708. }
  1709. //print the number of filters.
  1710. if(dwTempCnt > 0)
  1711. {
  1712. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_GENERIC_FILTERS, dwTempCnt);
  1713. }
  1714. }
  1715. //print for Specific filters
  1716. else if(!bType)
  1717. {
  1718. for (i = 0; ;i+=dwSpecificCount)
  1719. {
  1720. dwReturn = EnumTunnelFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS, gDefaultGUID, 0, &pSpecificTunnelF, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  1721. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  1722. {
  1723. dwReturn = ERROR_SUCCESS;
  1724. break; //Still more to show up, break from the loop...
  1725. }
  1727. if (dwReturn != ERROR_SUCCESS)
  1728. {
  1729. BAIL_OUT;
  1730. }
  1732. if(!(pSpecificTunnelF && dwSpecificCount > 0))
  1733. {
  1734. BAIL_OUT; // not required to continue.
  1735. }
  1737. for (l = 0; l < dwSpecificCount; l++)
  1738. {
  1739. //get the corresponding QMPolicy
  1740. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificTunnelF[l].gPolicyID, 0, &pQMPolicy, NULL);
  1741. if(dwReturn==ERROR_SUCCESS)
  1742. {
  1743. pszQMName = pQMPolicy[0].pszPolicyName;
  1744. }
  1745. else
  1746. {
  1747. //If there is no corresponding policy is not there,
  1748. //pass NULL so that policy is not printed.
  1749. pszQMName = NULL;
  1750. dwReturn = ERROR_SUCCESS;
  1751. }
  1752. //First print outbound filters
  1753. if(pSpecificTunnelF[l].dwDirection == FILTER_DIRECTION_OUTBOUND)
  1754. {
  1755. dwActionFlag = 1;
  1756. //Validate user input data.
  1757. dwReturn = CheckQMFilter(pSpecificTunnelF[l], SrcAddr, DstAddr,
  1758. bDstMask, bSrcMask, QMBoolValue,
  1759. pszShowFilterName);
  1760. if(dwReturn==ERROR_SUCCESS)
  1761. {
  1762. if(!bPrint)
  1763. {
  1764. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_HEADING);
  1765. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  1766. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OUTBOUND_HEADING);
  1767. bPrint = TRUE;
  1768. }
  1769. dwTempCnt++;
  1770. bNameFin = TRUE;
  1771. //print specific filter data.
  1772. dwReturn = PrintQuickmodeFilter(pSpecificTunnelF[l], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1773. }
  1775. if(pQMPolicy == NULL)
  1776. {
  1777. SPDApiBufferFree(pQMPolicy);
  1778. pQMPolicy = NULL;
  1779. }
  1780. }
  1781. }
  1783. SPDApiBufferFree(pSpecificTunnelF);
  1784. pSpecificTunnelF = NULL;
  1785. }
  1787. if(dwTempCnt > 0)
  1788. {
  1789. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_OUTBOUND, dwTempCnt);
  1790. }
  1792. dwTempCnt = 0;
  1793. dwSpecificCount = 0;
  1794. dwSpecificResumeHandle = 0;
  1795. pSpecificTunnelF = NULL;
  1797. for (i = 0; ;i+=dwSpecificCount)
  1798. {
  1799. dwReturn = EnumTunnelFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_SPECIFIC_FILTERS, gDefaultGUID, 0, &pSpecificTunnelF, &dwSpecificCount, &dwSpecificResumeHandle, NULL);
  1800. if (dwReturn == ERROR_NO_DATA || dwSpecificCount == 0)
  1801. {
  1802. dwReturn = ERROR_SUCCESS;
  1803. break;
  1804. }
  1806. if (dwReturn != ERROR_SUCCESS)
  1807. {
  1808. BAIL_OUT;
  1809. }
  1811. if(!(pSpecificTunnelF && dwSpecificCount > 0))
  1812. {
  1813. BAIL_OUT; // not required to continue.
  1814. }
  1816. for (l = 0; l < dwSpecificCount; l++)
  1817. {
  1818. //get the corresponding QMPolicy for the filter
  1819. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pSpecificTunnelF[l].gPolicyID, 0, &pQMPolicy, NULL);
  1820. if(dwReturn==ERROR_SUCCESS)
  1821. {
  1822. pszQMName = pQMPolicy[0].pszPolicyName;
  1823. }
  1824. else
  1825. {
  1826. //if the corresponding filter name is not present, pass NULL so that it is not printed.
  1827. pszQMName = NULL;
  1828. dwReturn = ERROR_SUCCESS;
  1829. }
  1830. // then print all inbound filters
  1831. if(pSpecificTunnelF[l].dwDirection == FILTER_DIRECTION_INBOUND)
  1832. {
  1833. dwActionFlag = 2;
  1834. //validate user input
  1835. dwReturn = CheckQMFilter(pSpecificTunnelF[l], SrcAddr, DstAddr,
  1836. bDstMask, bSrcMask, QMBoolValue,
  1837. pszShowFilterName);
  1838. if(dwReturn==ERROR_SUCCESS)
  1839. {
  1840. if(!bPrintIN)
  1841. {
  1842. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1843. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1844. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_HEADING);
  1845. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SPECIFIC_HEADING);
  1846. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_INBOUND_HEADING);
  1847. bPrintIN = TRUE;
  1848. }
  1849. dwTempCnt++;
  1850. bNameFin = TRUE;
  1851. //print tunnel specific filter data
  1852. dwReturn = PrintQuickmodeFilter(pSpecificTunnelF[l], pszQMName, addressHash, bResolveDNS, bType, dwActionFlag);
  1853. }
  1855. if(pQMPolicy)
  1856. {
  1857. SPDApiBufferFree(pQMPolicy);
  1858. pQMPolicy = NULL;
  1859. }
  1860. }
  1861. }
  1862. SPDApiBufferFree(pSpecificTunnelF);
  1863. pSpecificTunnelF = NULL;
  1864. }
  1865. //print number of filters
  1866. if(dwTempCnt > 0)
  1867. {
  1868. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NO_OF_SPECIFIC_INBOUND, dwTempCnt);
  1869. }
  1870. }
  1872. error:
  1873. if(pQMPolicy)
  1874. {
  1875. SPDApiBufferFree(pQMPolicy);
  1876. pQMPolicy = NULL;
  1877. }
  1878. //error path clean up
  1879. if(pTunnelF)
  1880. {
  1881. SPDApiBufferFree(pTunnelF);
  1882. pTunnelF = NULL;
  1883. }
  1885. if(pSpecificTunnelF)
  1886. {
  1887. SPDApiBufferFree(pSpecificTunnelF);
  1888. pSpecificTunnelF = NULL;
  1889. }
  1891. return dwReturn;
  1892. }
  1896. ///////////////////////////////////////////////////////////////////////////////////////////
  1897. //
  1898. //Function: CheckQMFilter
  1899. //
  1900. //Date of Creation: 11-21-2001
  1901. //
  1902. //Parameters: IN TRANSPORT_FILTER TransF,
  1903. // IN ADDR SrcAddr,
  1904. // IN ADDR DstAddr,
  1905. // IN BOOL bDstMask,
  1906. // IN BOOL bSrcMask,
  1907. // IN QM_FILTER_VALUE_BOOL QMBoolValue,
  1908. // IN LPWSTR pszShowFilterName
  1909. //
  1910. //
  1911. //Return: DWORD
  1912. //
  1913. //Description: This function prepares data for QM Transport Filter and validates the input
  1914. //
  1915. // Date Author Comments
  1916. //
  1917. //////////////////////////////////////////////////////////////////////////////////////////
  1918. DWORD
  1919. CheckQMFilter(
  1920. IN TRANSPORT_FILTER TransF,
  1921. IN ADDR SrcAddr,
  1922. IN ADDR DstAddr,
  1923. IN BOOL bDstMask,
  1924. IN BOOL bSrcMask,
  1925. IN QM_FILTER_VALUE_BOOL QMBoolValue,
  1926. IN LPWSTR pszShowFilterName
  1927. )
  1928. {
  1929. DWORD dwReturn = ERROR_SUCCESS;
  1931. while(1)
  1932. {
  1933. //Validates user given input for Source address
  1934. switch(SrcAddr.AddrType)
  1935. {
  1936. case IP_ADDR_WINS_SERVER:
  1937. case IP_ADDR_DHCP_SERVER:
  1938. case IP_ADDR_DNS_SERVER:
  1939. case IP_ADDR_DEFAULT_GATEWAY:
  1940. if(TransF.SrcAddr.AddrType != SrcAddr.AddrType)
  1941. {
  1942. dwReturn = ERROR_NO_DISPLAY;
  1943. BAIL_OUT;
  1944. }
  1945. break;
  1946. default:
  1947. if(SrcAddr.uIpAddr != 0xFFFFFFFF)
  1948. {
  1949. if(TransF.SrcAddr.uIpAddr != SrcAddr.uIpAddr)
  1950. {
  1951. dwReturn = ERROR_NO_DISPLAY;
  1952. BAIL_OUT;
  1953. }
  1954. }
  1955. break;
  1956. }
  1957. //Validates user given input for Destination address
  1958. switch(DstAddr.AddrType)
  1959. {
  1960. case IP_ADDR_WINS_SERVER:
  1961. case IP_ADDR_DHCP_SERVER:
  1962. case IP_ADDR_DNS_SERVER:
  1963. case IP_ADDR_DEFAULT_GATEWAY:
  1964. if(TransF.DesAddr.AddrType != DstAddr.AddrType)
  1965. {
  1966. dwReturn = ERROR_NO_DISPLAY;
  1967. BAIL_OUT;
  1968. }
  1969. break;
  1970. default:
  1971. if(DstAddr.uIpAddr != 0xFFFFFFFF)
  1972. {
  1973. if(TransF.DesAddr.uIpAddr != DstAddr.uIpAddr)
  1974. {
  1975. dwReturn = ERROR_NO_DISPLAY;
  1976. BAIL_OUT;
  1977. }
  1978. }
  1979. break;
  1980. }
  1981. //Validates user given input for Source port
  1982. if(QMBoolValue.bSrcPort)
  1983. {
  1984. if(TransF.SrcPort.wPort != (WORD)QMBoolValue.dwSrcPort)
  1985. {
  1986. dwReturn = ERROR_NO_DISPLAY;
  1987. BAIL_OUT;
  1988. }
  1989. }
  1990. //Validates user given input for Destination port
  1991. if(QMBoolValue.bDstPort)
  1992. {
  1993. if(TransF.DesPort.wPort != (WORD)QMBoolValue.dwDstPort)
  1994. {
  1995. dwReturn = ERROR_NO_DISPLAY;
  1996. BAIL_OUT;
  1997. }
  1998. }
  1999. //Validates user given input for Protocol
  2000. if(QMBoolValue.bProtocol)
  2001. {
  2002. if(TransF.Protocol.dwProtocol != QMBoolValue.dwProtocol)
  2003. {
  2004. dwReturn = ERROR_NO_DISPLAY;
  2005. BAIL_OUT;
  2006. }
  2007. }
  2008. //Validates user given input for Inbound action
  2009. if(QMBoolValue.bActionInbound)
  2010. {
  2011. if(TransF.InboundFilterAction != (FILTER_ACTION)QMBoolValue.dwActionInbound)
  2012. {
  2013. dwReturn = ERROR_NO_DISPLAY;
  2014. BAIL_OUT;
  2015. }
  2016. }
  2017. //Validates user given input for Outbound action
  2018. if(QMBoolValue.bActionOutbound)
  2019. {
  2020. if(TransF.OutboundFilterAction != (FILTER_ACTION)QMBoolValue.dwActionOutbound)
  2021. {
  2022. dwReturn = ERROR_NO_DISPLAY;
  2023. BAIL_OUT;
  2024. }
  2025. }
  2026. //Validates user given input for Source Mask
  2027. if(bSrcMask)
  2028. {
  2029. if(TransF.SrcAddr.uSubNetMask != SrcAddr.uSubNetMask)
  2030. {
  2031. dwReturn = ERROR_NO_DISPLAY;
  2032. BAIL_OUT;
  2033. }
  2034. }
  2035. //Validates user given input for Destination address
  2036. if(bDstMask)
  2037. {
  2038. if(TransF.DesAddr.uSubNetMask != DstAddr.uSubNetMask)
  2039. {
  2040. dwReturn = ERROR_NO_DISPLAY;
  2041. BAIL_OUT;
  2042. }
  2043. }
  2044. //Validates user given input for Filtername
  2045. if(pszShowFilterName!=NULL)
  2046. {
  2047. if(_tcsicmp(TransF.pszFilterName, pszShowFilterName) != 0)
  2048. {
  2049. dwReturn = ERROR_NO_DISPLAY;
  2050. BAIL_OUT;
  2051. }
  2052. }
  2054. //Every thing fine... All matched
  2055. BAIL_OUT;
  2056. }
  2058. error:
  2059. return dwReturn;
  2061. }
  2063. ///////////////////////////////////////////////////////////////////////////////////////////
  2064. //
  2065. //Function: CheckQMFilter
  2066. //
  2067. //Date of Creation: 11-21-2001
  2068. //
  2069. //Parameters: IN TUNNEL_FILTER TunnelF,
  2070. // IN ADDR SrcAddr,
  2071. // IN ADDR DstAddr,
  2072. // IN BOOL bDstMask,
  2073. // IN BOOL bSrcMask,
  2074. // IN QM_FILTER_VALUE_BOOL QMBoolValue,
  2075. // IN LPWSTR pszShowFilterName
  2076. //Return: DWORD
  2077. //
  2078. //Description: This function prepares data for QM Tunnel Filter and validates the input
  2079. //
  2080. // Date Author Comments
  2081. //
  2082. //////////////////////////////////////////////////////////////////////////////////////////
  2084. DWORD
  2085. CheckQMFilter(
  2086. IN TUNNEL_FILTER TunnelF,
  2087. IN ADDR SrcAddr,
  2088. IN ADDR DstAddr,
  2089. IN BOOL bDstMask,
  2090. IN BOOL bSrcMask,
  2091. IN QM_FILTER_VALUE_BOOL QMBoolValue,
  2092. IN LPWSTR pszShowFilterName
  2093. )
  2094. {
  2095. DWORD dwReturn = ERROR_SUCCESS;
  2097. while(1)
  2098. {
  2099. //Validates user given input for Source address
  2100. switch(SrcAddr.AddrType)
  2101. {
  2102. case IP_ADDR_WINS_SERVER:
  2103. case IP_ADDR_DHCP_SERVER:
  2104. case IP_ADDR_DNS_SERVER:
  2105. case IP_ADDR_DEFAULT_GATEWAY:
  2106. if(TunnelF.SrcAddr.AddrType != SrcAddr.AddrType)
  2107. {
  2108. dwReturn = ERROR_NO_DISPLAY;
  2109. BAIL_OUT;
  2110. }
  2111. break;
  2112. default:
  2113. if(SrcAddr.uIpAddr != 0xFFFFFFFF)
  2114. {
  2115. if(TunnelF.SrcAddr.uIpAddr != SrcAddr.uIpAddr)
  2116. {
  2117. dwReturn = ERROR_NO_DISPLAY;
  2118. BAIL_OUT;
  2119. }
  2120. }
  2121. break;
  2122. }
  2123. //Validates user given input for Destination address
  2124. switch(DstAddr.AddrType)
  2125. {
  2126. case IP_ADDR_WINS_SERVER:
  2127. case IP_ADDR_DHCP_SERVER:
  2128. case IP_ADDR_DNS_SERVER:
  2129. case IP_ADDR_DEFAULT_GATEWAY:
  2130. if(TunnelF.DesAddr.AddrType != DstAddr.AddrType)
  2131. {
  2132. dwReturn = ERROR_NO_DISPLAY;
  2133. BAIL_OUT;
  2134. }
  2135. break;
  2136. default:
  2137. if(DstAddr.uIpAddr != 0xFFFFFFFF)
  2138. {
  2139. if(TunnelF.DesAddr.uIpAddr != DstAddr.uIpAddr)
  2140. {
  2141. dwReturn = ERROR_NO_DISPLAY;
  2142. BAIL_OUT;
  2143. }
  2144. }
  2145. break;
  2146. }
  2147. //Validates user given input for Source port
  2148. if(QMBoolValue.bSrcPort)
  2149. {
  2150. if(TunnelF.SrcPort.wPort != (WORD)QMBoolValue.dwSrcPort)
  2151. {
  2152. dwReturn = ERROR_NO_DISPLAY;
  2153. BAIL_OUT;
  2154. }
  2155. }
  2156. //Validates user given input for Destination port
  2157. if(QMBoolValue.bDstPort)
  2158. {
  2159. if(TunnelF.DesPort.wPort != (WORD)QMBoolValue.dwDstPort)
  2160. {
  2161. dwReturn = ERROR_NO_DISPLAY;
  2162. BAIL_OUT;
  2163. }
  2164. }
  2165. //Validates user given input for protocol
  2166. if(QMBoolValue.bProtocol)
  2167. {
  2168. if(TunnelF.Protocol.dwProtocol != QMBoolValue.dwProtocol)
  2169. {
  2170. dwReturn = ERROR_NO_DISPLAY;
  2171. BAIL_OUT;
  2172. }
  2173. }
  2174. //Validates user given input for Inbound action
  2175. if(QMBoolValue.bActionInbound)
  2176. {
  2177. if(TunnelF.InboundFilterAction != (FILTER_ACTION)QMBoolValue.dwActionInbound)
  2178. {
  2179. dwReturn = ERROR_NO_DISPLAY;
  2180. BAIL_OUT;
  2181. }
  2182. }
  2183. //Validates user given input for outbound action
  2184. if(QMBoolValue.bActionOutbound)
  2185. {
  2186. if(TunnelF.OutboundFilterAction != (FILTER_ACTION)QMBoolValue.dwActionOutbound)
  2187. {
  2188. dwReturn = ERROR_NO_DISPLAY;
  2189. BAIL_OUT;
  2190. }
  2191. }
  2192. //Validates user given input for Source Mask
  2193. if(bSrcMask)
  2194. {
  2195. if(TunnelF.SrcAddr.uSubNetMask != SrcAddr.uSubNetMask)
  2196. {
  2197. dwReturn = ERROR_NO_DISPLAY;
  2198. BAIL_OUT;
  2199. }
  2200. }
  2201. //Validates user given input for Destination mask
  2202. if(bDstMask)
  2203. {
  2204. if(TunnelF.DesAddr.uSubNetMask != DstAddr.uSubNetMask)
  2205. {
  2206. dwReturn = ERROR_NO_DISPLAY;
  2207. BAIL_OUT;
  2208. }
  2209. }
  2210. //Validates user given input for filter name
  2211. if(pszShowFilterName!=NULL)
  2212. {
  2213. if(_tcsicmp(TunnelF.pszFilterName, pszShowFilterName) != 0)
  2214. {
  2215. dwReturn = ERROR_NO_DISPLAY;
  2216. BAIL_OUT;
  2217. }
  2218. }
  2220. //Every thing fine... All matched
  2221. BAIL_OUT;
  2223. }
  2225. error:
  2226. return dwReturn;
  2228. }
  2231. ///////////////////////////////////////////////////////////////////////////////////////////
  2232. //
  2233. //Function: PrintQuickmodeFilter
  2234. //
  2235. //Date of Creation: 11-21-2001
  2236. //
  2237. //Parameters:
  2238. // IN TRANSPORT_FILTER TransF,
  2239. // IN LPWSTR pszQMName,
  2240. // IN NshHashTable& addressHash
  2241. // IN BOOL bResolveDNS,
  2242. // IN BOOL bType,
  2243. // IN DWORD dwActionFlag
  2244. //
  2245. //Return: DWORD
  2246. //
  2247. //Description: This function prints Transport filter details
  2248. //
  2249. // Date Author Comments
  2250. //
  2251. //////////////////////////////////////////////////////////////////////////////////////////
  2253. DWORD
  2254. PrintQuickmodeFilter(
  2255. IN TRANSPORT_FILTER TransF,
  2256. IN LPWSTR pszQMName,
  2257. IN NshHashTable& addressHash,
  2258. IN BOOL bResolveDNS,
  2259. IN BOOL bType,
  2260. IN DWORD dwActionFlag
  2261. )
  2262. {
  2263. DWORD dwReturn = ERROR_SUCCESS;
  2264. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  2265. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  2267. //Print FilterName
  2268. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NAME, TransF.pszFilterName);
  2269. //Print Connection Type
  2270. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_HEADING);
  2271. switch(TransF.InterfaceType)
  2272. {
  2273. case INTERFACE_TYPE_ALL:
  2274. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_ALL);
  2275. break;
  2276. case INTERFACE_TYPE_LAN:
  2277. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_LAN);
  2278. break;
  2279. case INTERFACE_TYPE_DIALUP:
  2280. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_DIALUP);
  2281. break;
  2282. default:
  2283. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_UNKNOWN);
  2284. break;
  2285. }
  2286. //Print Weight
  2287. if(!bType)
  2288. {
  2289. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_FILTER_WEIGHT, TransF.dwWeight);
  2290. }
  2291. //Print Source Address
  2292. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  2293. PrintAddr(TransF.SrcAddr, addressHash, bResolveDNS);
  2294. if(!bResolveDNS)
  2295. {
  2296. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  2297. PrintMask(TransF.SrcAddr);
  2298. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  2299. }
  2300. //Print Destination Address
  2301. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  2302. PrintAddr(TransF.DesAddr, addressHash, bResolveDNS);
  2303. if(!bResolveDNS)
  2304. {
  2305. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  2306. PrintMask(TransF.DesAddr);
  2307. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  2308. }
  2309. //Print Protocol
  2310. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_HEADING);
  2311. switch(TransF.Protocol.dwProtocol)
  2312. {
  2313. case PROT_ID_ICMP:
  2314. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ICMP);
  2315. break;
  2316. case PROT_ID_TCP:
  2317. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TCP);
  2318. break;
  2319. case PROT_ID_UDP:
  2320. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_UDP);
  2321. break;
  2322. case PROT_ID_RAW:
  2323. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_RAW);
  2324. break;
  2325. case PROT_ID_ANY:
  2326. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ANY);
  2327. break;
  2328. default:
  2329. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DEFAULT_PROTOCOL, TransF.Protocol.dwProtocol);
  2330. break;
  2332. }
  2333. //Print Src, Des Port
  2334. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_DST_PORT,TransF.SrcPort.wPort,TransF.DesPort.wPort);
  2335. //Print Mirror
  2336. if(TransF.bCreateMirror)
  2337. {
  2338. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_YES);
  2339. }
  2340. else
  2341. {
  2342. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_NO);
  2343. }
  2344. // Print Qm Policy Name
  2345. if(pszQMName != NULL)
  2346. {
  2347. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NAME,pszQMName);
  2348. }
  2349. //Print Action Flag
  2350. if(dwActionFlag == 0 || dwActionFlag == 2)
  2351. {
  2352. switch(TransF.InboundFilterAction)
  2353. {
  2354. case PASS_THRU:
  2355. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_PASSTHRU);
  2356. break;
  2357. case NEGOTIATE_SECURITY:
  2358. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_NEGOTIATE);
  2359. break;
  2360. case BLOCKING:
  2361. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_BLOCK);
  2362. break;
  2363. default:
  2364. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_UNKNOWN);
  2365. break;
  2366. }
  2367. }
  2368. if(dwActionFlag == 0 || dwActionFlag == 1)
  2369. {
  2370. switch(TransF.OutboundFilterAction)
  2371. {
  2372. case PASS_THRU:
  2373. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_PASSTHRU);
  2374. break;
  2375. case NEGOTIATE_SECURITY:
  2376. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_NEGOTIATE);
  2377. break;
  2378. case BLOCKING:
  2379. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_BLOCK);
  2380. break;
  2381. default:
  2382. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_UNKNOWN);
  2383. break;
  2384. }
  2385. }
  2387. return dwReturn;
  2388. }
  2390. ///////////////////////////////////////////////////////////////////////////////////////////
  2391. //
  2392. //Function: PrintQuickmodeFilter
  2393. //
  2394. //Date of Creation: 11-21-2001
  2395. //
  2396. //Parameters:
  2397. // IN TUNNEL_FILTER TunnelF,
  2398. // IN LPWSTR pszQMName,
  2399. // IN NshHashTable& addressHash
  2400. // IN BOOL bResolveDNS,
  2401. // IN BOOL bType,
  2402. // IN DWORD dwActionFlag
  2403. //
  2404. //Return: DWORD
  2405. //
  2406. //Description: This function prints Tunnel filter details
  2407. //
  2408. // Date Author Comments
  2409. //
  2410. //////////////////////////////////////////////////////////////////////////////////////////
  2411. DWORD
  2412. PrintQuickmodeFilter(
  2413. IN TUNNEL_FILTER TunnelF,
  2414. IN LPWSTR pszQMName,
  2415. IN NshHashTable& addressHash,
  2416. IN BOOL bResolveDNS,
  2417. IN BOOL bType,
  2418. IN DWORD dwActionFlag
  2419. )
  2420. {
  2421. DWORD dwReturn = ERROR_SUCCESS;
  2423. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  2424. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  2426. //Print FilterName
  2427. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NAME, TunnelF.pszFilterName);
  2429. //Print Connection Type
  2430. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_HEADING);
  2432. switch(TunnelF.InterfaceType)
  2433. {
  2434. case INTERFACE_TYPE_ALL:
  2435. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_ALL);
  2436. break;
  2437. case INTERFACE_TYPE_LAN:
  2438. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_LAN);
  2439. break;
  2440. case INTERFACE_TYPE_DIALUP:
  2441. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_DIALUP);
  2442. break;
  2443. default:
  2444. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_UNKNOWN);
  2445. break;
  2446. }
  2447. //Print Weight
  2448. if(!bType)
  2449. {
  2450. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_FILTER_WEIGHT, TunnelF.dwWeight);
  2451. }
  2453. //Print Source Address
  2454. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  2455. PrintAddr(TunnelF.SrcAddr, addressHash, bResolveDNS);
  2456. if(!bResolveDNS)
  2457. {
  2458. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  2459. PrintMask(TunnelF.SrcAddr);
  2460. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  2461. }
  2462. //Print Destination Address
  2463. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  2464. PrintAddr(TunnelF.DesAddr, addressHash, bResolveDNS);
  2465. if(!bResolveDNS)
  2466. {
  2467. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  2468. PrintMask(TunnelF.DesAddr);
  2469. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  2470. }
  2471. //Print Tunnel Src
  2472. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_SRC);
  2473. PrintAddr(TunnelF.SrcTunnelAddr, addressHash, bResolveDNS);
  2474. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_DST);
  2475. PrintAddr(TunnelF.DesTunnelAddr, addressHash, bResolveDNS);
  2477. //Print Protocol
  2478. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_HEADING);
  2479. switch(TunnelF.Protocol.dwProtocol)
  2480. {
  2481. case PROT_ID_ICMP: //1
  2482. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ICMP);
  2483. break;
  2484. case PROT_ID_TCP: //6
  2485. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TCP);
  2486. break;
  2487. case PROT_ID_UDP: //17
  2488. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_UDP);
  2489. break;
  2490. case PROT_ID_RAW: //255
  2491. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_RAW);
  2492. break;
  2493. case PROT_ID_ANY: //0
  2494. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ANY);
  2495. break;
  2496. default:
  2497. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DEFAULT_PROTOCOL, TunnelF.Protocol.dwProtocol);
  2498. break;
  2500. }
  2501. //Print Src, Des Port
  2502. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_DST_PORT,TunnelF.SrcPort.wPort,TunnelF.DesPort.wPort);
  2503. //Print Mirror
  2504. if(TunnelF.bCreateMirror)
  2505. {
  2506. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_YES);
  2507. }
  2508. else
  2509. {
  2510. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_NO);
  2511. }
  2512. // Print Qm Policy Name
  2513. if(pszQMName != NULL)
  2514. {
  2515. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NAME,pszQMName);
  2516. }
  2517. //Print Action Flag
  2518. if(dwActionFlag == 0 || dwActionFlag == 2)
  2519. {
  2520. switch(TunnelF.InboundFilterAction)
  2521. {
  2522. case PASS_THRU:
  2523. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_PASSTHRU);
  2524. break;
  2525. case NEGOTIATE_SECURITY:
  2526. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_NEGOTIATE);
  2527. break;
  2528. case BLOCKING:
  2529. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_BLOCK);
  2530. break;
  2531. default:
  2532. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_UNKNOWN);
  2533. break;
  2534. }
  2535. }
  2537. if(dwActionFlag == 0 || dwActionFlag == 1)
  2538. {
  2539. switch(TunnelF.OutboundFilterAction)
  2540. {
  2541. case PASS_THRU:
  2542. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_PASSTHRU);
  2543. break;
  2544. case NEGOTIATE_SECURITY:
  2545. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_NEGOTIATE);
  2546. break;
  2547. case BLOCKING:
  2548. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_BLOCK);
  2549. break;
  2550. default:
  2551. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_UNKNOWN);
  2552. break;
  2553. }
  2554. }
  2556. return dwReturn;
  2557. }
  2559. ///////////////////////////////////////////////////////////////////////////////////////////
  2560. //
  2561. //Function: ShowRule
  2562. //
  2563. //Date of Creation: 9-3-2001
  2564. //
  2565. //Parameters:
  2566. // IN DWORD dwType,
  2567. // IN ADDR SrcAddr,
  2568. // IN ADDR DstAddr,
  2569. // IN NshHashTable& addressHash,
  2570. // IN BOOL bResolveDNS,
  2571. // IN BOOL bSrcMask,
  2572. // IN BOOL bDstMask,
  2573. // IN QM_FILTER_VALUE_BOOL QMBoolValue
  2574. //
  2575. //Return: DWORD
  2576. //
  2577. //Description: This function prepares data for displaying quick mode filters.
  2578. //
  2579. // Date Author Comments
  2580. //
  2581. //////////////////////////////////////////////////////////////////////////////////////////
  2583. DWORD
  2584. ShowRule(
  2585. IN DWORD dwType,
  2586. IN ADDR SrcAddr,
  2587. IN ADDR DstAddr,
  2588. IN NshHashTable& addressHash,
  2589. IN BOOL bResolveDNS,
  2590. IN BOOL bSrcMask,
  2591. IN BOOL bDstMask,
  2592. IN QM_FILTER_VALUE_BOOL QMBoolValue
  2593. )
  2594. {
  2595. DWORD dwReturn = ERROR_SUCCESS;
  2596. DWORD dwResumeHandle = 0; // handle for continuation calls
  2597. DWORD dwCount = 0; // counting objects here
  2598. DWORD dwQMResumeHandle = 0; // handle for continuation calls
  2599. DWORD dwQMCount = 0; // counting objects here
  2600. GUID gDefaultGUID = {0}; // NULL GUID value
  2601. DWORD i=0, j=0, k=0, l=0;
  2602. DWORD dwVersion = 0;
  2603. DWORD dwTempCnt = 0;
  2604. DWORD dwActionFlag = 0;
  2605. LPWSTR pszQMName = NULL;
  2606. BOOL bPrint = FALSE;
  2607. BOOL bMMFound = FALSE;
  2608. BOOL bNameFin = FALSE;
  2610. PIPSEC_QM_POLICY pQMPolicy = NULL;
  2611. PTRANSPORT_FILTER pTransF = NULL;
  2612. PIPSEC_MM_POLICY pMMPolicy = NULL;
  2613. PMM_FILTER pMMFilter = NULL;
  2616. if(dwType == 1 || dwType == 0)//either transport or all
  2617. {
  2618. for (k = 0; ;k+=dwQMCount)
  2619. {
  2620. dwReturn = EnumTransportFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0,
  2621. &pTransF, &dwQMCount, &dwQMResumeHandle, NULL);
  2623. if (dwReturn == ERROR_NO_DATA || dwQMCount == 0)
  2624. {
  2625. dwReturn = ERROR_SUCCESS;
  2626. BAIL_OUT;
  2627. }
  2629. if (dwReturn != ERROR_SUCCESS)
  2630. {
  2631. BAIL_OUT;
  2632. }
  2634. if(!(pTransF && dwQMCount > 0))
  2635. {
  2636. BAIL_OUT; // not required to continue.
  2637. }
  2639. for (l = 0; l < dwQMCount; l++)
  2640. {
  2641. dwResumeHandle = 0;
  2642. pMMFilter = 0;
  2643. dwCount = 0;
  2645. dwReturn = CheckQMFilter(pTransF[l], SrcAddr, DstAddr, bDstMask, bSrcMask,QMBoolValue, NULL);
  2647. if(dwReturn != ERROR_SUCCESS)
  2648. {
  2649. //Though not matched check for other filters
  2650. dwReturn = ERROR_SUCCESS;
  2651. continue;
  2652. }
  2653. for (i = 0; ;i+=dwCount)
  2654. {
  2655. dwReturn = EnumMMFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0,
  2656. &pMMFilter, &dwCount, &dwResumeHandle, NULL);
  2658. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  2659. {
  2660. dwReturn = ERROR_SUCCESS;
  2661. break;
  2662. }
  2664. if (dwReturn != ERROR_SUCCESS)
  2665. {
  2666. break;
  2667. }
  2669. if(!(pMMFilter && dwCount > 0))
  2670. {
  2671. break; // not required to continue.
  2672. }
  2674. for (j = 0; j < dwCount; j++)
  2675. {
  2676. //Match QMfilter data with MMFilter data to get the corresponding MMFilter details to print
  2677. if((pTransF[l].SrcAddr.AddrType == pMMFilter[j].SrcAddr.AddrType) &&
  2678. (pTransF[l].SrcAddr.uIpAddr == pMMFilter[j].SrcAddr.uIpAddr) &&
  2679. (pTransF[l].DesAddr.AddrType == pMMFilter[j].DesAddr.AddrType) &&
  2680. (pTransF[l].DesAddr.uIpAddr == pMMFilter[j].DesAddr.uIpAddr) &&
  2681. (pTransF[l].SrcAddr.uSubNetMask == pMMFilter[j].SrcAddr.uSubNetMask) &&
  2682. (pTransF[l].DesAddr.uSubNetMask == pMMFilter[j].DesAddr.uSubNetMask) &&
  2683. (pTransF[l].InterfaceType == pMMFilter[j].InterfaceType) &&
  2684. (pTransF[l].bCreateMirror == pMMFilter[j].bCreateMirror)
  2685. )
  2686. {
  2687. //Get the corresponding MMPolicy details
  2688. pMMPolicy = NULL;
  2689. dwReturn = GetMMPolicyByID(g_szDynamicMachine, dwVersion, pMMFilter[j].gPolicyID,
  2690. &pMMPolicy, NULL);
  2691. if(dwReturn != ERROR_SUCCESS)
  2692. {
  2693. BAIL_OUT;
  2694. }
  2695. //Get the corresponding QMPolicy details
  2696. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pTransF[l].gPolicyID, 0, &pQMPolicy, NULL);
  2697. if(dwReturn == ERROR_SUCCESS)
  2698. {
  2699. pszQMName = pQMPolicy[0].pszPolicyName;
  2700. }
  2701. else
  2702. {
  2703. //If there is no corresponding policy pass NULL, so it is not printed
  2704. pszQMName = NULL;
  2705. dwReturn = ERROR_SUCCESS;
  2706. }
  2707. dwActionFlag = 0;
  2708. if(!bPrint)
  2709. {
  2710. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TRANSPORT_RULE_HEADING);
  2711. bPrint = TRUE;
  2712. }
  2713. dwTempCnt++;
  2714. //print Transport Rule details
  2715. dwReturn = PrintTransportRuleFilter(&pMMFilter[j], &pMMPolicy[0], pTransF[l], pszQMName, addressHash, bResolveDNS);
  2716. bNameFin = TRUE;
  2717. bMMFound = TRUE;
  2719. if(pQMPolicy)
  2720. {
  2721. SPDApiBufferFree(pQMPolicy);
  2722. pQMPolicy = NULL;
  2723. }
  2725. if(pMMPolicy)
  2726. {
  2727. SPDApiBufferFree(pMMPolicy);
  2728. pMMPolicy = NULL;
  2729. }
  2730. }
  2731. }
  2732. if(pMMFilter)
  2733. {
  2734. SPDApiBufferFree(pMMFilter);
  2735. pMMFilter = NULL;
  2736. }
  2737. }
  2738. }
  2740. SPDApiBufferFree(pTransF);
  2741. pTransF = NULL;
  2742. }
  2743. }
  2745. error:
  2746. //print the number of transport rules
  2747. if(dwTempCnt > 0)
  2748. {
  2749. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NO_OF_TRANSPORT_FILTERS, dwTempCnt);
  2750. }
  2751. //Then print tunnel filters
  2752. dwReturn = ShowTunnelRule(dwType, SrcAddr, DstAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QMBoolValue, bNameFin);
  2754. if(!bNameFin)
  2755. {
  2756. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  2757. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMF_17);
  2758. dwReturn = ERROR_SUCCESS;
  2759. }
  2760. //error path clean up
  2761. if(pQMPolicy)
  2762. {
  2763. SPDApiBufferFree(pQMPolicy);
  2764. pQMPolicy = NULL;
  2765. }
  2767. if(pMMPolicy)
  2768. {
  2769. SPDApiBufferFree(pMMPolicy);
  2770. pMMPolicy = NULL;
  2771. }
  2773. if(pMMFilter)
  2774. {
  2775. SPDApiBufferFree(pMMFilter);
  2776. pMMFilter = NULL;
  2777. }
  2779. if(pTransF)
  2780. {
  2781. SPDApiBufferFree(pTransF);
  2782. pTransF = NULL;
  2783. }
  2785. return dwReturn;
  2786. }
  2787. ///////////////////////////////////////////////////////////////////////////////////////////
  2788. //
  2789. // Function : ShowTunnelRule
  2790. //
  2791. // Date of Creation: 9-3-2001
  2792. //
  2793. // Parameters :
  2794. // IN DWORD dwType,
  2795. // IN ADDR SrcAddr,
  2796. // IN ADDR DstAddr,
  2797. // IN NshHashTable& addressHash,
  2798. // IN BOOL bResolveDNS,
  2799. // IN BOOL bSrcMask,
  2800. // IN BOOL bDstMask,
  2801. // IN QM_FILTER_VALUE_BOOL QMBoolValue
  2802. // IN OUT BOOL& bNameFin
  2803. //
  2804. // Return : DWORD
  2805. //
  2806. // Description : This function prepares data for displaying quick mode filters.
  2807. //
  2808. // Date Author Comments
  2809. //
  2810. //////////////////////////////////////////////////////////////////////////////////////////
  2812. DWORD
  2813. ShowTunnelRule(
  2814. IN DWORD dwType,
  2815. IN ADDR SrcAddr,
  2816. IN ADDR DstAddr,
  2817. IN NshHashTable& addressHash,
  2818. IN BOOL bResolveDNS,
  2819. IN BOOL bSrcMask,
  2820. IN BOOL bDstMask,
  2821. IN QM_FILTER_VALUE_BOOL QMBoolValue,
  2822. IN OUT BOOL& bNameFin
  2823. )
  2824. {
  2825. DWORD dwReturn = ERROR_SUCCESS;
  2826. DWORD dwResumeHandle = 0; // handle for continuation calls
  2827. DWORD dwCount = 0; // counting objects here
  2828. DWORD dwQMResumeHandle = 0; // handle for continuation calls
  2829. DWORD dwQMCount = 0; // counting objects here
  2830. GUID gDefaultGUID = {0}; // NULL GUID value
  2831. DWORD i=0, j=0, k=0, l=0;
  2832. DWORD dwVersion = 0;
  2833. DWORD dwTempCnt = 0;
  2834. DWORD dwActionFlag = 0;
  2835. LPWSTR pszQMName = NULL;
  2836. BOOL bPrint = FALSE;
  2837. BOOL bMMFound = FALSE;
  2838. PIPSEC_QM_POLICY pQMPolicy = NULL;
  2839. PTUNNEL_FILTER pTunnelF = NULL;
  2840. PIPSEC_MM_POLICY pMMPolicy = NULL;
  2841. PMM_FILTER pMMFilter = NULL;
  2843. if(dwType == 2 || dwType == 0)//either tunnel or all
  2844. {
  2845. for (k = 0; ;k+=dwQMCount)
  2846. {
  2847. dwReturn = EnumTunnelFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0, &pTunnelF, &dwQMCount, &dwQMResumeHandle, NULL);
  2848. if (dwReturn == ERROR_NO_DATA || dwQMCount == 0)
  2849. {
  2850. dwReturn = ERROR_SUCCESS;
  2851. BAIL_OUT;
  2852. }
  2854. if (dwReturn != ERROR_SUCCESS)
  2855. {
  2856. BAIL_OUT;
  2857. }
  2859. if(!(pTunnelF && dwQMCount > 0))
  2860. {
  2861. BAIL_OUT; // not required to continue.
  2862. }
  2864. for (l = 0; l < dwQMCount; l++)
  2865. {
  2866. dwResumeHandle = 0;
  2867. pMMFilter = 0;
  2868. dwCount = 0;
  2869. //Validate user input data.
  2870. dwReturn = CheckQMFilter(pTunnelF[l], SrcAddr, DstAddr, bDstMask, bSrcMask,QMBoolValue, NULL);
  2872. if(dwReturn != ERROR_SUCCESS)
  2873. {
  2874. //Though not matched continue for other filters
  2875. dwReturn = ERROR_SUCCESS;
  2876. continue;
  2877. }
  2879. for (i = 0; ;i+=dwCount)
  2880. {
  2881. dwReturn = EnumMMFilters(g_szDynamicMachine, dwVersion, NULL, ENUM_GENERIC_FILTERS, gDefaultGUID, 0, &pMMFilter, &dwCount, &dwResumeHandle, NULL);
  2883. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  2884. {
  2885. dwReturn = ERROR_SUCCESS;
  2886. break;
  2887. }
  2889. if (dwReturn != ERROR_SUCCESS)
  2890. {
  2891. break;
  2892. }
  2894. if(!(pMMFilter && dwCount > 0))
  2895. {
  2896. break; // not required to continue.
  2897. }
  2899. for (j = 0; j < dwCount; j++)
  2900. {
  2901. //Match QMfilter data with MMFilter data to get the corresponding MMFilter details to print
  2902. if((pTunnelF[l].DesTunnelAddr.AddrType == pMMFilter[j].DesAddr.AddrType) &&
  2903. (pTunnelF[l].DesTunnelAddr.uIpAddr == pMMFilter[j].DesAddr.uIpAddr) &&
  2904. (pTunnelF[l].InterfaceType == pMMFilter[j].InterfaceType)
  2905. )
  2906. {
  2907. //get the corresponding MMpolicy
  2908. pMMPolicy = NULL;
  2909. dwReturn = GetMMPolicyByID(g_szDynamicMachine, dwVersion, pMMFilter[j].gPolicyID, &pMMPolicy, NULL);
  2910. if(dwReturn != ERROR_SUCCESS)
  2911. {
  2912. BAIL_OUT;
  2913. }
  2915. //get the corresponding QMpolicy
  2916. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, pTunnelF[l].gPolicyID, 0, &pQMPolicy, NULL);
  2917. if(dwReturn == ERROR_SUCCESS)
  2918. {
  2919. pszQMName = pQMPolicy[0].pszPolicyName;
  2920. }
  2921. else
  2922. {
  2923. //If the corresponding policy is not found, pass NULL so that it is not printed.
  2924. pszQMName = NULL;
  2925. dwReturn = ERROR_SUCCESS;
  2926. }
  2927. dwActionFlag = 0;
  2929. if(!bPrint)
  2930. {
  2931. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_RULE_HEADING);
  2932. bPrint = TRUE;
  2933. }
  2934. dwTempCnt++;
  2936. //print tunnel rule details
  2937. dwReturn = PrintTunnelRuleFilter(&pMMFilter[j], &pMMPolicy[0], pTunnelF[l], pszQMName, addressHash, bResolveDNS);
  2938. bNameFin = TRUE;
  2939. bMMFound = TRUE;
  2940. if(pQMPolicy == NULL)
  2941. {
  2942. SPDApiBufferFree(pQMPolicy);
  2943. pQMPolicy = NULL;
  2944. }
  2946. if(pMMPolicy)
  2947. {
  2948. SPDApiBufferFree(pMMPolicy);
  2949. pMMPolicy = NULL;
  2950. }
  2951. }
  2952. }
  2953. if(pMMFilter)
  2954. {
  2955. SPDApiBufferFree(pMMFilter);
  2956. pMMFilter = NULL;
  2957. }
  2959. }
  2960. }
  2961. SPDApiBufferFree(pTunnelF);
  2962. pTunnelF = NULL;
  2963. }
  2964. }
  2966. error:
  2967. if(dwTempCnt > 0)
  2968. {
  2969. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NO_OF_TUNNEL_FILTERS, dwTempCnt);
  2970. }
  2971. // error path clean up
  2972. if(pTunnelF)
  2973. {
  2974. SPDApiBufferFree(pTunnelF);
  2975. pTunnelF = NULL;
  2976. }
  2977. if(pQMPolicy == NULL)
  2978. {
  2979. SPDApiBufferFree(pQMPolicy);
  2980. pQMPolicy = NULL;
  2981. }
  2983. if(pMMFilter)
  2984. {
  2985. SPDApiBufferFree(pMMFilter);
  2986. pMMFilter = NULL;
  2987. }
  2989. if(pMMPolicy)
  2990. {
  2991. SPDApiBufferFree(pMMPolicy);
  2992. pMMPolicy = NULL;
  2993. }
  2995. return dwReturn;
  2996. }
  2998. ///////////////////////////////////////////////////////////////////////////////////////////
  2999. //
  3000. // Function : PrintTunnelRuleFilter
  3001. //
  3002. // Date of Creation: 11-21-2001
  3003. //
  3004. // Parameters :
  3005. // IN PMM_FILTER pMMFltr,
  3006. // IN PIPSEC_MM_POLICY pMMPol,
  3007. // IN TUNNEL_FILTER TunnelF,
  3008. // IN LPWSTR pszQMName,
  3009. // IN NshHashTable& addressHash
  3010. // IN BOOL bResolveDNS
  3011. //
  3012. // Return : DWORD
  3013. //
  3014. // Description : This function prints Tunnel filter details
  3015. //
  3016. // Date Author Comments
  3017. //
  3018. //////////////////////////////////////////////////////////////////////////////////////////
  3020. DWORD
  3021. PrintTunnelRuleFilter(
  3022. IN PMM_FILTER pMMFltr,
  3023. IN PIPSEC_MM_POLICY pMMPol,
  3024. IN TUNNEL_FILTER TunnelF,
  3025. IN LPWSTR pszQMName,
  3026. IN NshHashTable& addressHash,
  3027. IN BOOL bResolveDNS
  3028. )
  3029. {
  3030. DWORD dwReturn = ERROR_SUCCESS;
  3031. DWORD i = 0;
  3032. DWORD dwVersion = 0;
  3033. LPTSTR pszCertStr = NULL;
  3034. PINT_MM_AUTH_METHODS pIntMMAuth = NULL;
  3035. PMM_AUTH_METHODS pMMAM = NULL;
  3037. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3038. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  3039. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3041. //Print MMMFilter name
  3042. if(pMMFltr)
  3043. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMFILTER_NAME, pMMFltr->pszFilterName);
  3045. //Print Tunnel FilterName
  3046. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMF_NAME, TunnelF.pszFilterName);
  3048. //Print Connection Type
  3049. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_HEADING);
  3050. switch(TunnelF.InterfaceType)
  3051. {
  3052. case INTERFACE_TYPE_ALL:
  3053. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_ALL);
  3054. break;
  3055. case INTERFACE_TYPE_LAN:
  3056. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_LAN);
  3057. break;
  3058. case INTERFACE_TYPE_DIALUP:
  3059. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_DIALUP);
  3060. break;
  3061. default:
  3062. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_UNKNOWN);
  3063. break;
  3064. }
  3066. //Print Source Address
  3067. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  3068. PrintAddr(TunnelF.SrcAddr, addressHash, bResolveDNS);
  3069. if(!bResolveDNS)
  3070. {
  3071. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  3072. PrintMask(TunnelF.SrcAddr);
  3073. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  3074. }
  3076. //Print Destination Address
  3077. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  3078. PrintAddr(TunnelF.DesAddr, addressHash, bResolveDNS);
  3079. if(!bResolveDNS)
  3080. {
  3081. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  3082. PrintMask(TunnelF.DesAddr);
  3083. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  3084. }
  3086. //Print Tunnel Src
  3087. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_SRC);
  3088. PrintAddr(TunnelF.SrcTunnelAddr, addressHash, bResolveDNS);
  3089. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_DST);
  3090. PrintAddr(TunnelF.DesTunnelAddr, addressHash, bResolveDNS);
  3092. //Print Protocol
  3093. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_HEADING);
  3094. switch(TunnelF.Protocol.dwProtocol)
  3095. {
  3096. case PROT_ID_ICMP:
  3097. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ICMP);
  3098. break;
  3099. case PROT_ID_TCP:
  3100. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TCP);
  3101. break;
  3102. case PROT_ID_UDP:
  3103. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_UDP);
  3104. break;
  3105. case PROT_ID_RAW:
  3106. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_RAW);
  3107. break;
  3108. case PROT_ID_ANY:
  3109. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ANY);
  3110. break;
  3111. default:
  3112. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DEFAULT_PROTOCOL, TunnelF.Protocol.dwProtocol);
  3113. break;
  3115. }
  3117. //Print Src, Des Port
  3118. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_DST_PORT,TunnelF.SrcPort.wPort,TunnelF.DesPort.wPort);
  3120. //Print Mirror
  3121. if(TunnelF.bCreateMirror)
  3122. {
  3123. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_YES);
  3124. }
  3125. else
  3126. {
  3127. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_NO);
  3128. }
  3130. if(pMMPol)
  3131. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_NAME,pMMPol->pszPolicyName);
  3133. //Print Authentication Methods.
  3134. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_AUTH_HEADING);
  3136. if(pMMFltr)
  3137. {
  3138. dwReturn = GetMMAuthMethods(g_szDynamicMachine, dwVersion, pMMFltr->gMMAuthID, &pMMAM, NULL);
  3139. if (dwReturn != ERROR_SUCCESS)
  3140. {
  3141. BAIL_OUT;
  3142. }
  3144. dwReturn = ConvertExtMMAuthToInt(pMMAM, &pIntMMAuth);
  3146. if (dwReturn != ERROR_SUCCESS)
  3147. {
  3148. BAIL_OUT;
  3149. }
  3151. for (i = 0; i < pIntMMAuth[0].dwNumAuthInfos; i++)
  3152. {
  3153. switch(pIntMMAuth[0].pAuthenticationInfo[i].AuthMethod)
  3154. {
  3155. case IKE_PRESHARED_KEY:
  3156. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_PRE_KEY_HEADING);
  3157. break;
  3158. case IKE_DSS_SIGNATURE:
  3159. case IKE_RSA_SIGNATURE:
  3160. case IKE_RSA_ENCRYPTION:
  3161. dwReturn = DecodeCertificateName(pIntMMAuth[0].pAuthenticationInfo[i].pAuthInfo, pIntMMAuth[0].pAuthenticationInfo[i].dwAuthInfoSize, &pszCertStr);
  3162. if (dwReturn != ERROR_SUCCESS)
  3163. {
  3164. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNKNOWN_CERT);
  3165. }
  3166. else
  3167. {
  3168. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NEWLINE_TAB);
  3169. if (pszCertStr)
  3170. {
  3171. DisplayCertInfo(pszCertStr, pIntMMAuth->pAuthenticationInfo[i].dwAuthFlags);
  3172. delete [] pszCertStr;
  3173. pszCertStr = NULL;
  3174. }
  3175. }
  3177. break;
  3178. case IKE_SSPI:
  3179. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_KERB);
  3180. break;
  3181. default:
  3182. break;
  3183. }
  3184. }
  3185. }
  3187. error:
  3189. //Print Security Methods
  3190. if(pMMPol)
  3191. {
  3192. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SEC_METHOD_HEADING);
  3193. // Count
  3194. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_CNT,pMMPol->dwOfferCount);
  3196. if(IsDefaultMMOffers(*pMMPol))
  3197. {
  3198. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_DEFAULT_OFFER);
  3199. }
  3200. for (i = 0; i < pMMPol->dwOfferCount; i++)
  3201. {
  3202. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3203. PrintMMFilterOffer(pMMPol->pOffers[i]);
  3204. }
  3205. }
  3207. // Print Qm Policy Name
  3208. if(pszQMName != NULL)
  3209. {
  3210. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NAME,pszQMName);
  3211. }
  3213. //Print Action Flag
  3214. switch(TunnelF.InboundFilterAction)
  3215. {
  3216. case PASS_THRU:
  3217. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_PASSTHRU);
  3218. break;
  3219. case NEGOTIATE_SECURITY:
  3220. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_NEGOTIATE);
  3221. break;
  3222. case BLOCKING:
  3223. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_BLOCK);
  3224. break;
  3225. default:
  3226. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_UNKNOWN);
  3227. break;
  3228. }
  3230. switch(TunnelF.OutboundFilterAction)
  3231. {
  3232. case PASS_THRU:
  3233. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_PASSTHRU);
  3234. break;
  3235. case NEGOTIATE_SECURITY:
  3236. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_NEGOTIATE);
  3237. break;
  3238. case BLOCKING:
  3239. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_BLOCK);
  3240. break;
  3241. default:
  3242. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_UNKNOWN);
  3243. break;
  3244. }
  3246. if(pIntMMAuth)
  3247. {
  3248. FreeIntMMAuthMethods(pIntMMAuth);
  3249. pIntMMAuth = NULL;
  3250. }
  3252. if(pMMAM)
  3253. {
  3254. SPDApiBufferFree(pMMAM);
  3255. pMMAM = NULL;
  3256. }
  3258. return dwReturn;
  3259. }
  3261. ///////////////////////////////////////////////////////////////////////////////////////////
  3262. //
  3263. // Function : PrintTransportRuleFilter
  3264. //
  3265. // Date of Creation: 11-21-2001
  3266. //
  3267. // Parameters :
  3268. // IN PMM_FILTER pMMFltr,
  3269. // IN PIPSEC_MM_POLICY pMMPol,
  3270. // IN TRANSPORT_FILTER TransF,
  3271. // IN LPWSTR pszQMName,
  3272. // IN NshHashTable& addressHash
  3273. // IN BOOL bResolveDNS
  3274. //
  3275. // Return : DWORD
  3276. //
  3277. // Description : This function prints Transport filter details
  3278. //
  3279. // Date Author Comments
  3280. //
  3281. //////////////////////////////////////////////////////////////////////////////////////////
  3282. DWORD
  3283. PrintTransportRuleFilter(
  3284. IN PMM_FILTER pMMFltr,
  3285. IN PIPSEC_MM_POLICY pMMPol,
  3286. IN TRANSPORT_FILTER TransF,
  3287. IN LPWSTR pszQMName,
  3288. IN NshHashTable& addressHash,
  3289. IN BOOL bResolveDNS
  3290. )
  3291. {
  3292. DWORD dwReturn = ERROR_SUCCESS;
  3293. DWORD i = 0;
  3294. DWORD dwVersion = 0;
  3295. LPTSTR pszCertStr = NULL;
  3296. PINT_MM_AUTH_METHODS pIntMMAuth = NULL;
  3297. PMM_AUTH_METHODS pMMAM = NULL;
  3299. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3300. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  3301. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3303. //Print Mmfilter name
  3304. if(pMMFltr)
  3305. {
  3306. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMFILTER_NAME, pMMFltr->pszFilterName);
  3307. }
  3309. //Print Tunnel FilterName
  3310. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMF_NAME, TransF.pszFilterName);
  3312. //Print Connection Type
  3313. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_HEADING);
  3314. switch(TransF.InterfaceType)
  3315. {
  3316. case INTERFACE_TYPE_ALL:
  3317. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_ALL);
  3318. break;
  3319. case INTERFACE_TYPE_LAN:
  3320. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_LAN);
  3321. break;
  3322. case INTERFACE_TYPE_DIALUP:
  3323. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_DIALUP);
  3324. break;
  3325. default:
  3326. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_CONN_UNKNOWN);
  3327. break;
  3328. }
  3330. //Print Source Address
  3331. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  3332. PrintAddr(TransF.SrcAddr, addressHash, bResolveDNS);
  3333. if(!bResolveDNS)
  3334. {
  3335. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  3336. PrintMask(TransF.SrcAddr);
  3337. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  3338. }
  3340. //Print Destination Address
  3341. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  3342. PrintAddr(TransF.DesAddr, addressHash, bResolveDNS);
  3343. if(!bResolveDNS)
  3344. {
  3345. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_LEFTBRACKET);
  3346. PrintMask(TransF.DesAddr);
  3347. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_RIGHTBRACKET);
  3348. }
  3350. //Print Protocol
  3351. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_HEADING);
  3352. switch(TransF.Protocol.dwProtocol)
  3353. {
  3354. case PROT_ID_ICMP:
  3355. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ICMP);
  3356. break;
  3357. case PROT_ID_TCP:
  3358. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TCP);
  3359. break;
  3360. case PROT_ID_UDP:
  3361. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_UDP);
  3362. break;
  3363. case PROT_ID_RAW:
  3364. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_RAW);
  3365. break;
  3366. case PROT_ID_ANY:
  3367. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_ANY);
  3368. break;
  3369. default:
  3370. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DEFAULT_PROTOCOL, TransF.Protocol.dwProtocol);
  3371. break;
  3372. }
  3373. //Print Src, Des Port
  3374. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_DST_PORT,TransF.SrcPort.wPort,TransF.DesPort.wPort);
  3375. //Print Mirror
  3376. if(TransF.bCreateMirror)
  3377. {
  3378. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_YES);
  3379. }
  3380. else
  3381. {
  3382. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MIRR_NO);
  3383. }
  3385. if(pMMPol)
  3386. {
  3387. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMP_NAME,pMMPol->pszPolicyName);
  3388. }
  3389. //Print Authentication Methods.
  3390. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_AUTH_HEADING);
  3392. if(pMMFltr)
  3393. {
  3394. dwReturn = GetMMAuthMethods(g_szDynamicMachine, dwVersion, pMMFltr->gMMAuthID, &pMMAM, NULL);
  3395. if (dwReturn != ERROR_SUCCESS)
  3396. {
  3397. BAIL_OUT;
  3398. }
  3400. dwReturn = ConvertExtMMAuthToInt(pMMAM, &pIntMMAuth);
  3401. if (dwReturn != ERROR_SUCCESS)
  3402. {
  3403. BAIL_OUT;
  3404. }
  3406. for (i = 0; i < pIntMMAuth[0].dwNumAuthInfos; i++)
  3407. {
  3408. switch(pIntMMAuth[0].pAuthenticationInfo[i].AuthMethod)
  3409. {
  3410. case IKE_PRESHARED_KEY:
  3411. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_PRE_KEY_HEADING);
  3412. break;
  3413. case IKE_DSS_SIGNATURE:
  3414. case IKE_RSA_SIGNATURE:
  3415. case IKE_RSA_ENCRYPTION:
  3416. dwReturn = DecodeCertificateName(pIntMMAuth[0].pAuthenticationInfo[i].pAuthInfo, pIntMMAuth[0].pAuthenticationInfo[i].dwAuthInfoSize, &pszCertStr);
  3417. if (dwReturn != ERROR_SUCCESS)
  3418. {
  3419. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNKNOWN_CERT);
  3420. }
  3421. else
  3422. {
  3423. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_NEWLINE_TAB);
  3424. if (pszCertStr)
  3425. {
  3426. DisplayCertInfo(pszCertStr, pIntMMAuth->pAuthenticationInfo[i].dwAuthFlags);
  3427. delete [] pszCertStr;
  3428. pszCertStr = NULL;
  3429. }
  3430. }
  3431. break;
  3432. case IKE_SSPI:
  3433. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_KERB);
  3434. break;
  3435. default:
  3436. break;
  3437. }
  3438. }
  3439. }
  3441. error:
  3442. // Print Security Methods
  3443. // Count
  3444. if(pMMPol)
  3445. {
  3446. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_SEC_METHOD_HEADING);
  3447. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_OFFER_CNT,pMMPol->dwOfferCount);
  3448. if(IsDefaultMMOffers(*pMMPol))
  3449. {
  3450. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_DEFAULT_OFFER);
  3451. }
  3452. for (i = 0; i < pMMPol->dwOfferCount; i++)
  3453. {
  3454. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  3455. PrintMMFilterOffer(pMMPol->pOffers[i]);
  3456. }
  3457. }
  3458. // Print Qm Policy Name
  3459. if(pszQMName != NULL)
  3460. {
  3461. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_NAME,pszQMName);
  3462. }
  3463. //Print Action Flag
  3464. switch(TransF.InboundFilterAction)
  3465. {
  3466. case PASS_THRU:
  3467. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_PASSTHRU);
  3468. break;
  3469. case NEGOTIATE_SECURITY:
  3470. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_NEGOTIATE);
  3471. break;
  3472. case BLOCKING:
  3473. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_BLOCK);
  3474. break;
  3475. default:
  3476. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_INBOUND_UNKNOWN);
  3477. break;
  3478. }
  3480. switch(TransF.OutboundFilterAction)
  3481. {
  3482. case PASS_THRU:
  3483. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_PASSTHRU);
  3484. break;
  3485. case NEGOTIATE_SECURITY:
  3486. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_NEGOTIATE);
  3487. break;
  3488. case BLOCKING:
  3489. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_BLOCK);
  3490. break;
  3491. default:
  3492. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OUTBOUND_UNKNOWN);
  3493. break;
  3494. }
  3496. if(pIntMMAuth)
  3497. {
  3498. FreeIntMMAuthMethods(pIntMMAuth);
  3499. pIntMMAuth = NULL;
  3500. }
  3502. if(pMMAM)
  3503. {
  3504. SPDApiBufferFree(pMMAM);
  3505. pMMAM = NULL;
  3506. }
  3508. return dwReturn;
  3509. }
  3511. ///////////////////////////////////////////////////////////////////////////////////////////
  3512. //
  3513. // Function : ShowStats
  3514. //
  3515. // Date of Creation: 9-3-2001
  3516. //
  3517. // Parameters : IN DWORD dwShow
  3518. //
  3519. // Return : DWORD
  3520. //
  3521. // Description : This function calls appropriate IKE and IPSEC statistics display.
  3522. //
  3523. // Date Author Comments
  3524. //
  3525. //////////////////////////////////////////////////////////////////////////////////////////
  3527. DWORD
  3528. ShowStats(
  3529. IN DWORD dwShow
  3530. )
  3531. {
  3532. DWORD dwReturn = ERROR_SUCCESS; // assume success
  3534. if(dwShow != STATS_IPSEC) //is the show is for IKE or all
  3535. {
  3536. dwReturn = PrintIkeStats();
  3537. if(dwReturn != ERROR_SUCCESS)
  3538. {
  3539. BAIL_OUT;
  3540. }
  3541. }
  3543. if(dwShow != STATS_IKE) //is the show is for IPSEC or all
  3544. {
  3545. dwReturn = PrintIpsecStats();
  3546. }
  3548. error:
  3550. return dwReturn;
  3551. }
  3553. ///////////////////////////////////////////////////////////////////////////////////////////
  3554. //
  3555. //Function: PrintIkeStats
  3556. //
  3557. //Date of Creation: 28-1-2002
  3558. //
  3559. //Parameters:
  3560. //
  3561. //Return: DWORD
  3562. //
  3563. //Description: This function Prints IkeStatistics
  3564. //
  3565. // Date Author Comments
  3566. //
  3567. //////////////////////////////////////////////////////////////////////////////////////////
  3569. DWORD
  3570. PrintIkeStats(
  3571. VOID
  3572. )
  3573. {
  3574. DWORD dwReturn = ERROR_SUCCESS; // assume success
  3575. DWORD dwVersion = 0;
  3576. LPSTR pszLLString = NULL;
  3577. IKE_STATISTICS IKEStats;
  3579. //Query IKE Statistics
  3580. dwReturn = QueryIKEStatistics(g_szDynamicMachine,dwVersion, &IKEStats, NULL);
  3581. if (dwReturn != ERROR_SUCCESS)
  3582. {
  3583. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_NOT_FOUND_MSG);
  3584. BAIL_OUT;
  3585. }
  3587. //Heading
  3588. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_HEADING);
  3589. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_IKE_HEADING_UNDERLINE);
  3590. //Print IKE statistics
  3591. pszLLString = LongLongToString(0, IKEStats.dwOakleyMainModes, 1);
  3592. if(pszLLString)
  3593. {
  3594. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_MAIN_MODE, pszLLString);
  3595. free(pszLLString);
  3596. pszLLString = NULL;
  3597. }
  3598. else
  3599. {
  3600. dwReturn = ERROR_OUTOFMEMORY;
  3601. BAIL_OUT;
  3602. }
  3604. pszLLString = LongLongToString(0, IKEStats.dwOakleyQuickModes, 1);
  3605. if(pszLLString)
  3606. {
  3607. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_QUICK_MODE, pszLLString);
  3608. free(pszLLString);
  3609. pszLLString = NULL;
  3610. }
  3611. else
  3612. {
  3613. dwReturn = ERROR_OUTOFMEMORY;
  3614. BAIL_OUT;
  3615. }
  3617. pszLLString = LongLongToString(0, IKEStats.dwSoftAssociations, 1);
  3618. if(pszLLString)
  3619. {
  3620. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_SOFT_SA, pszLLString);
  3621. free(pszLLString);
  3622. pszLLString = NULL;
  3623. }
  3624. else
  3625. {
  3626. dwReturn = ERROR_OUTOFMEMORY;
  3627. BAIL_OUT;
  3628. }
  3630. pszLLString = LongLongToString(0, IKEStats.dwAuthenticationFailures, 1);
  3631. if(pszLLString)
  3632. {
  3633. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_AUTH_FAIL, pszLLString);
  3634. free(pszLLString);
  3635. pszLLString = NULL;
  3636. }
  3637. else
  3638. {
  3639. dwReturn = ERROR_OUTOFMEMORY;
  3640. BAIL_OUT;
  3641. }
  3643. pszLLString = LongLongToString(0, IKEStats.dwActiveAcquire, 1);
  3644. if(pszLLString)
  3645. {
  3646. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACTIVE_ACQUIRE, pszLLString);
  3647. free(pszLLString);
  3648. pszLLString = NULL;
  3649. }
  3650. else
  3651. {
  3652. dwReturn = ERROR_OUTOFMEMORY;
  3653. BAIL_OUT;
  3654. }
  3656. pszLLString = LongLongToString(0, IKEStats.dwActiveReceive, 1);
  3657. if(pszLLString)
  3658. {
  3659. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACTIVE_RECEIVE, pszLLString);
  3660. free(pszLLString);
  3661. pszLLString = NULL;
  3662. }
  3663. else
  3664. {
  3665. dwReturn = ERROR_OUTOFMEMORY;
  3666. BAIL_OUT;
  3667. }
  3669. pszLLString = LongLongToString(0, IKEStats.dwAcquireFail, 1);
  3670. if(pszLLString)
  3671. {
  3672. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACQUIRE_FAIL, pszLLString);
  3673. free(pszLLString);
  3674. pszLLString = NULL;
  3675. }
  3676. else
  3677. {
  3678. dwReturn = ERROR_OUTOFMEMORY;
  3679. BAIL_OUT;
  3680. }
  3682. pszLLString = LongLongToString(0, IKEStats.dwReceiveFail, 1);
  3683. if(pszLLString)
  3684. {
  3685. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_RECEIVE_FAIL, pszLLString);
  3686. free(pszLLString);
  3687. pszLLString = NULL;
  3688. }
  3689. else
  3690. {
  3691. dwReturn = ERROR_OUTOFMEMORY;
  3692. BAIL_OUT;
  3693. }
  3695. pszLLString = LongLongToString(0, IKEStats.dwSendFail, 1);
  3696. if(pszLLString)
  3697. {
  3698. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_SEND_FAIL, pszLLString);
  3699. free(pszLLString);
  3700. pszLLString = NULL;
  3701. }
  3702. else
  3703. {
  3704. dwReturn = ERROR_OUTOFMEMORY;
  3705. BAIL_OUT;
  3706. }
  3708. pszLLString = LongLongToString(0, IKEStats.dwAcquireHeapSize, 1);
  3709. if(pszLLString)
  3710. {
  3711. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACQ_HEAP_SIZE, pszLLString);
  3713. free(pszLLString);
  3714. pszLLString = NULL;
  3715. }
  3716. else
  3717. {
  3718. dwReturn = ERROR_OUTOFMEMORY;
  3719. BAIL_OUT;
  3720. }
  3722. pszLLString = LongLongToString(0, IKEStats.dwReceiveHeapSize, 1);
  3723. if(pszLLString)
  3724. {
  3725. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_RECEIVE_HEAP_SIZE, pszLLString);
  3726. free(pszLLString);
  3727. pszLLString = NULL;
  3728. }
  3729. else
  3730. {
  3731. dwReturn = ERROR_OUTOFMEMORY;
  3732. BAIL_OUT;
  3733. }
  3735. pszLLString = LongLongToString(0, IKEStats.dwNegotiationFailures, 1);
  3736. if(pszLLString)
  3737. {
  3738. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_NEG_FAIL, pszLLString);
  3739. free(pszLLString);
  3740. pszLLString = NULL;
  3741. }
  3742. else
  3743. {
  3744. dwReturn = ERROR_OUTOFMEMORY;
  3745. BAIL_OUT;
  3746. }
  3748. pszLLString = LongLongToString(0, IKEStats.dwInvalidCookiesReceived, 1);
  3749. if(pszLLString)
  3750. {
  3751. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_INVALID_COOKIE, pszLLString);
  3752. free(pszLLString);
  3753. pszLLString = NULL;
  3754. }
  3755. else
  3756. {
  3757. dwReturn = ERROR_OUTOFMEMORY;
  3758. BAIL_OUT;
  3759. }
  3761. pszLLString = LongLongToString(0, IKEStats.dwTotalAcquire, 1);
  3762. if(pszLLString)
  3763. {
  3764. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TOTAL_ACQUIRE, pszLLString);
  3765. free(pszLLString);
  3766. pszLLString = NULL;
  3767. }
  3768. else
  3769. {
  3770. dwReturn = ERROR_OUTOFMEMORY;
  3771. BAIL_OUT;
  3772. }
  3774. pszLLString = LongLongToString(0, IKEStats.dwTotalGetSpi, 1);
  3775. if(pszLLString)
  3776. {
  3777. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TOT_GET_SPI, pszLLString);
  3778. free(pszLLString);
  3779. pszLLString = NULL;
  3780. }
  3781. else
  3782. {
  3783. dwReturn = ERROR_OUTOFMEMORY;
  3784. BAIL_OUT;
  3785. }
  3787. pszLLString = LongLongToString(0, IKEStats.dwTotalKeyAdd, 1);
  3788. if(pszLLString)
  3789. {
  3790. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TOT_KEY_ADD, pszLLString);
  3791. free(pszLLString);
  3792. pszLLString = NULL;
  3793. }
  3794. else
  3795. {
  3796. dwReturn = ERROR_OUTOFMEMORY;
  3797. BAIL_OUT;
  3798. }
  3800. pszLLString = LongLongToString(0, IKEStats.dwTotalKeyUpdate, 1);
  3801. if(pszLLString)
  3802. {
  3803. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TOT_KEY_UPDATE, pszLLString);
  3804. free(pszLLString);
  3805. pszLLString = NULL;
  3806. }
  3807. else
  3808. {
  3809. dwReturn = ERROR_OUTOFMEMORY;
  3810. BAIL_OUT;
  3811. }
  3813. pszLLString = LongLongToString(0, IKEStats.dwGetSpiFail, 1);
  3814. if(pszLLString)
  3815. {
  3816. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_GET_SPI_FAIL, pszLLString);
  3817. free(pszLLString);
  3818. pszLLString = NULL;
  3819. }
  3820. else
  3821. {
  3822. dwReturn = ERROR_OUTOFMEMORY;
  3823. BAIL_OUT;
  3824. }
  3826. pszLLString = LongLongToString(0, IKEStats.dwKeyAddFail, 1);
  3827. if(pszLLString)
  3828. {
  3829. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_KEY_ADD_FAIL, pszLLString);
  3830. free(pszLLString);
  3831. pszLLString = NULL;
  3832. }
  3833. else
  3834. {
  3835. dwReturn = ERROR_OUTOFMEMORY;
  3836. BAIL_OUT;
  3837. }
  3839. pszLLString = LongLongToString(0, IKEStats.dwKeyUpdateFail, 1);
  3840. if(pszLLString)
  3841. {
  3842. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_KEY_UPDATE_FAIL, pszLLString);
  3843. free(pszLLString);
  3844. pszLLString = NULL;
  3845. }
  3846. else
  3847. {
  3848. dwReturn = ERROR_OUTOFMEMORY;
  3849. BAIL_OUT;
  3850. }
  3852. pszLLString = LongLongToString(0, IKEStats.dwIsadbListSize, 1);
  3853. if(pszLLString)
  3854. {
  3855. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_DB_LIST, pszLLString);
  3856. free(pszLLString);
  3857. pszLLString = NULL;
  3858. }
  3859. else
  3860. {
  3861. dwReturn = ERROR_OUTOFMEMORY;
  3862. BAIL_OUT;
  3863. }
  3865. pszLLString = LongLongToString(0, IKEStats.dwConnListSize, 1);
  3866. if(pszLLString)
  3867. {
  3868. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_CONN_LIST_SIZE, pszLLString);
  3869. free(pszLLString);
  3870. pszLLString = NULL;
  3871. }
  3872. else
  3873. {
  3874. dwReturn = ERROR_OUTOFMEMORY;
  3875. BAIL_OUT;
  3876. }
  3878. pszLLString = LongLongToString(0, IKEStats.dwInvalidPacketsReceived, 1);
  3879. if(pszLLString)
  3880. {
  3881. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_INVLD_PKTS, pszLLString);
  3882. free(pszLLString);
  3883. pszLLString = NULL;
  3884. }
  3885. else
  3886. {
  3887. dwReturn = ERROR_OUTOFMEMORY;
  3888. BAIL_OUT;
  3889. }
  3891. error:
  3892. return dwReturn;
  3893. }
  3895. ///////////////////////////////////////////////////////////////////////////////////////////
  3896. //
  3897. //Function: PrintIpsecStats
  3898. //
  3899. //Date of Creation: 28-1-2002
  3900. //
  3901. //Parameters:
  3902. //
  3903. //Return: DWORD
  3904. //
  3905. //Description: This function Prints IpsecStatistics
  3906. //
  3907. // Date Author Comments
  3908. //
  3909. //////////////////////////////////////////////////////////////////////////////////////////
  3911. DWORD
  3912. PrintIpsecStats(
  3913. VOID
  3914. )
  3915. {
  3916. DWORD dwReturn = ERROR_SUCCESS; // assume success
  3917. DWORD dwVersion = 0;
  3918. LPSTR pszLLString = NULL;
  3919. PIPSEC_STATISTICS pIPSecStats = NULL;
  3921. dwReturn = QueryIPSecStatistics(g_szDynamicMachine, dwVersion, &pIPSecStats, NULL);
  3922. //Query IPSec Statistics
  3923. if (dwReturn != ERROR_SUCCESS)
  3924. {
  3925. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_IPSEC_NOT_FOUND);
  3926. BAIL_OUT;
  3927. }
  3929. //Heading
  3930. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_IPSEC_HEADING);
  3931. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_IPSEC_HEADING_UNDERLINE);
  3932. //Print IPSec statistics.
  3933. pszLLString = LongLongToString(0, pIPSecStats->dwNumActiveAssociations, 1);
  3934. if(pszLLString)
  3935. {
  3936. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACTIVE_ASSOC, pszLLString);
  3937. free(pszLLString);
  3938. pszLLString = NULL;
  3939. }
  3940. else
  3941. {
  3942. dwReturn = ERROR_OUTOFMEMORY;
  3943. BAIL_OUT;
  3944. }
  3946. pszLLString = LongLongToString(0, pIPSecStats->dwNumOffloadedSAs, 1);
  3947. if(pszLLString)
  3948. {
  3949. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_OFFLOAD_SAS, pszLLString);
  3950. free(pszLLString);
  3951. pszLLString = NULL;
  3952. }
  3953. else
  3954. {
  3955. dwReturn = ERROR_OUTOFMEMORY;
  3956. BAIL_OUT;
  3957. }
  3959. pszLLString = LongLongToString(0, pIPSecStats->dwNumPendingKeyOps, 1);
  3960. if(pszLLString)
  3961. {
  3962. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_PEND_KEY, pszLLString);
  3963. free(pszLLString);
  3964. pszLLString = NULL;
  3965. }
  3966. else
  3967. {
  3968. dwReturn = ERROR_OUTOFMEMORY;
  3969. BAIL_OUT;
  3970. }
  3972. pszLLString = LongLongToString(0, pIPSecStats->dwNumKeyAdditions, 1);
  3973. if(pszLLString)
  3974. {
  3975. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_KEY_ADDS, pszLLString);
  3976. free(pszLLString);
  3977. pszLLString = NULL;
  3978. }
  3979. else
  3980. {
  3981. dwReturn = ERROR_OUTOFMEMORY;
  3982. BAIL_OUT;
  3983. }
  3985. pszLLString = LongLongToString(0, pIPSecStats->dwNumKeyDeletions, 1);
  3986. if(pszLLString)
  3987. {
  3988. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_KEY_DELETES, pszLLString);
  3989. free(pszLLString);
  3990. pszLLString = NULL;
  3991. }
  3992. else
  3993. {
  3994. dwReturn = ERROR_OUTOFMEMORY;
  3995. BAIL_OUT;
  3996. }
  3998. pszLLString = LongLongToString(0, pIPSecStats->dwNumReKeys, 1);
  3999. if(pszLLString)
  4000. {
  4001. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_REKEYS, pszLLString);
  4002. free(pszLLString);
  4003. pszLLString = NULL;
  4004. }
  4005. else
  4006. {
  4007. dwReturn = ERROR_OUTOFMEMORY;
  4008. BAIL_OUT;
  4009. }
  4011. pszLLString = LongLongToString(0, pIPSecStats->dwNumActiveTunnels, 1);
  4012. if(pszLLString)
  4013. {
  4014. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_ACT_TUNNEL, pszLLString);
  4015. free(pszLLString);
  4016. pszLLString = NULL;
  4017. }
  4018. else
  4019. {
  4020. dwReturn = ERROR_OUTOFMEMORY;
  4021. BAIL_OUT;
  4022. }
  4024. pszLLString = LongLongToString(0, pIPSecStats->dwNumBadSPIPackets, 1);
  4025. if(pszLLString)
  4026. {
  4027. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_BAD_SPI, pszLLString);
  4028. free(pszLLString);
  4029. pszLLString = NULL;
  4030. }
  4031. else
  4032. {
  4033. dwReturn = ERROR_OUTOFMEMORY;
  4034. BAIL_OUT;
  4035. }
  4037. pszLLString = LongLongToString(0, pIPSecStats->dwNumPacketsNotDecrypted, 1);
  4038. if(pszLLString)
  4039. {
  4040. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_NOT_DECRYPT, pszLLString);
  4041. free(pszLLString);
  4042. pszLLString = NULL;
  4043. }
  4044. else
  4045. {
  4046. dwReturn = ERROR_OUTOFMEMORY;
  4047. BAIL_OUT;
  4048. }
  4050. pszLLString = LongLongToString(0, pIPSecStats->dwNumPacketsNotAuthenticated, 1);
  4051. if(pszLLString)
  4052. {
  4053. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_NOT_AUTH, pszLLString);
  4054. free(pszLLString);
  4055. pszLLString = NULL;
  4056. }
  4057. else
  4058. {
  4059. dwReturn = ERROR_OUTOFMEMORY;
  4060. BAIL_OUT;
  4061. }
  4063. pszLLString = LongLongToString(0, pIPSecStats->dwNumPacketsWithReplayDetection, 1);
  4064. if(pszLLString)
  4065. {
  4066. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_REPLAY, pszLLString);
  4067. free(pszLLString);
  4068. pszLLString = NULL;
  4069. }
  4070. else
  4071. {
  4072. dwReturn = ERROR_OUTOFMEMORY;
  4073. BAIL_OUT;
  4074. }
  4076. pszLLString = LongLongToString(pIPSecStats->uConfidentialBytesSent.HighPart,pIPSecStats->uConfidentialBytesSent.LowPart, 1);
  4077. if(pszLLString)
  4078. {
  4079. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_CONF_BYTES_SENT, pszLLString);
  4080. free(pszLLString);
  4081. pszLLString = NULL;
  4082. }
  4083. else
  4084. {
  4085. dwReturn = ERROR_OUTOFMEMORY;
  4086. BAIL_OUT;
  4087. }
  4089. pszLLString = LongLongToString(pIPSecStats->uConfidentialBytesReceived.HighPart,pIPSecStats->uConfidentialBytesReceived.LowPart, 1);
  4090. if(pszLLString)
  4091. {
  4092. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_CONF_BYTES_RECV, pszLLString);
  4093. free(pszLLString);
  4094. pszLLString = NULL;
  4095. }
  4096. else
  4097. {
  4098. dwReturn = ERROR_OUTOFMEMORY;
  4099. BAIL_OUT;
  4100. }
  4102. pszLLString = LongLongToString(pIPSecStats->uAuthenticatedBytesSent.HighPart,pIPSecStats->uAuthenticatedBytesSent.LowPart, 1);
  4103. if(pszLLString)
  4104. {
  4105. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_AUTH_BYTES_SENT, pszLLString);
  4106. free(pszLLString);
  4107. pszLLString = NULL;
  4108. }
  4109. else
  4110. {
  4111. dwReturn = ERROR_OUTOFMEMORY;
  4112. BAIL_OUT;
  4113. }
  4115. pszLLString = LongLongToString(pIPSecStats->uAuthenticatedBytesReceived.HighPart,pIPSecStats->uAuthenticatedBytesReceived.LowPart, 1);
  4116. if(pszLLString)
  4117. {
  4118. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_AUTH_BYTE_RECV, pszLLString);
  4119. free(pszLLString);
  4120. pszLLString = NULL;
  4121. }
  4122. else
  4123. {
  4124. dwReturn = ERROR_OUTOFMEMORY;
  4125. BAIL_OUT;
  4126. }
  4128. pszLLString = LongLongToString(pIPSecStats->uTransportBytesSent.HighPart,pIPSecStats->uTransportBytesSent.LowPart, 1);
  4129. if(pszLLString)
  4130. {
  4131. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TRANSPORT_BYTES_SENT, pszLLString);
  4132. free(pszLLString);
  4133. pszLLString = NULL;
  4134. }
  4135. else
  4136. {
  4137. dwReturn = ERROR_OUTOFMEMORY;
  4138. BAIL_OUT;
  4139. }
  4141. pszLLString = LongLongToString(pIPSecStats->uTransportBytesReceived.HighPart,pIPSecStats->uTransportBytesReceived.LowPart, 1);
  4142. if(pszLLString)
  4143. {
  4144. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_TRANSPORT_BYTES_RCVD, pszLLString);
  4145. free(pszLLString);
  4146. pszLLString = NULL;
  4147. }
  4148. else
  4149. {
  4150. dwReturn = ERROR_OUTOFMEMORY;
  4151. BAIL_OUT;
  4152. }
  4154. pszLLString = LongLongToString(pIPSecStats->uBytesSentInTunnels.HighPart,pIPSecStats->uBytesSentInTunnels.LowPart, 1);
  4155. if(pszLLString)
  4156. {
  4157. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_BYTES_SENT_TUNNEL, pszLLString);
  4158. free(pszLLString);
  4159. pszLLString = NULL;
  4160. }
  4161. else
  4162. {
  4163. dwReturn = ERROR_OUTOFMEMORY;
  4164. BAIL_OUT;
  4165. }
  4167. pszLLString = LongLongToString(pIPSecStats->uBytesReceivedInTunnels.HighPart,pIPSecStats->uBytesReceivedInTunnels.LowPart, 1);
  4168. if(pszLLString)
  4169. {
  4170. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_BYTES_RECV_TUNNEL, pszLLString);
  4171. free(pszLLString);
  4172. pszLLString = NULL;
  4173. }
  4174. else
  4175. {
  4176. dwReturn = ERROR_OUTOFMEMORY;
  4177. BAIL_OUT;
  4178. }
  4180. pszLLString = LongLongToString(pIPSecStats->uOffloadedBytesSent.HighPart,pIPSecStats->uOffloadedBytesSent.LowPart, 1);
  4181. if(pszLLString)
  4182. {
  4183. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_OFFLOAD_BYTES_SENT, pszLLString);
  4184. free(pszLLString);
  4185. pszLLString = NULL;
  4186. }
  4187. else
  4188. {
  4189. dwReturn = ERROR_OUTOFMEMORY;
  4190. BAIL_OUT;
  4191. }
  4193. pszLLString = LongLongToString(pIPSecStats->uOffloadedBytesReceived.HighPart,pIPSecStats->uOffloadedBytesReceived.LowPart, 1);
  4194. if(pszLLString)
  4195. {
  4196. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_STATS_OFFLOAD_BYTES_RECV, pszLLString);
  4197. free(pszLLString);
  4198. pszLLString = NULL;
  4199. }
  4200. else
  4201. {
  4202. dwReturn = ERROR_OUTOFMEMORY;
  4203. BAIL_OUT;
  4204. }
  4206. error:
  4208. if(pIPSecStats)
  4209. {
  4210. SPDApiBufferFree(pIPSecStats);
  4211. pIPSecStats = NULL;
  4212. }
  4214. return dwReturn;
  4215. }
  4217. ///////////////////////////////////////////////////////////////////////////////////////////
  4218. //
  4219. //Function: ShowMMSas
  4220. //
  4221. //Date of Creation: 9-3-2001
  4222. //
  4223. //Parameters:
  4224. // IN ADDR Source,
  4225. // IN ADDR Destination,
  4226. // IN BOOL bFormat
  4227. // IN NshHashTable& addressHash,
  4228. // IN BOOL bResolveDNS
  4229. //
  4230. //Return: DWORD
  4231. //
  4232. //Description: This function prepares data for MMsas
  4233. //
  4234. // Date Author Comments
  4235. //
  4236. //////////////////////////////////////////////////////////////////////////////////////////
  4238. DWORD
  4239. ShowMMSas(
  4240. IN ADDR Source,
  4241. IN ADDR Destination,
  4242. IN BOOL bFormat,
  4243. IN NshHashTable& addressHash,
  4244. IN BOOL bResolveDNS
  4245. )
  4246. {
  4247. DWORD dwReturn = ERROR_SUCCESS; // success by default
  4248. int i=0, j=0;
  4249. DWORD dwResumeHandle = 0; // handle for continuation calls
  4250. DWORD dwCount = 2; // counting objects here min 2 required
  4252. // for MM SA calls
  4253. DWORD dwReserved = 0; // reserved container
  4254. DWORD dwVersion = 0;
  4255. BOOL bHeader = FALSE;
  4256. BOOL bFound = FALSE;
  4257. _TCHAR szTime[BUFFER_SIZE] = {0};
  4259. PIPSEC_MM_SA pIPSecMMSA=NULL;
  4260. IPSEC_MM_SA mmsaTemplate;
  4261. memset(&mmsaTemplate, 0, sizeof(IPSEC_MM_SA));
  4263. // Display main mode SAs
  4264. time_t Time;
  4266. time(&Time);
  4267. FormatTime(Time,szTime);
  4269. // make the call(s)
  4270. for (i = 0; ;i+=dwCount)
  4271. {
  4272. dwReturn = EnumMMSAs(g_szDynamicMachine, dwVersion, &mmsaTemplate, 0, 0, &pIPSecMMSA, &dwCount, &dwReserved, &dwResumeHandle, NULL);
  4274. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  4275. {
  4276. if (i == 0)
  4277. {
  4278. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  4279. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMSAS_3);
  4280. bHeader = TRUE; //To Block other error message
  4281. }
  4282. dwReturn = ERROR_SUCCESS;
  4283. BAIL_OUT;
  4284. }
  4286. if (dwReturn != ERROR_SUCCESS)
  4287. {
  4288. BAIL_OUT;
  4289. }
  4291. for (j = 0; j < (int) dwCount; j++)
  4292. {
  4293. bHeader = FALSE;
  4294. //Enumerate all MMSAs
  4295. if((Source.AddrType == IP_ADDR_UNIQUE) && (Destination.AddrType == IP_ADDR_UNIQUE) &&
  4296. (Source.uIpAddr == 0xFFFFFFFF ) && (Destination.uIpAddr == 0xFFFFFFFF))
  4297. {
  4298. bFound = TRUE;
  4299. }
  4300. //Enumerate me/any as source
  4301. else if((Source.AddrType != IP_ADDR_UNIQUE) && (Destination.AddrType == IP_ADDR_UNIQUE) &&
  4302. (Source.uIpAddr != 0xFFFFFFFF ) && (Destination.uIpAddr == 0xFFFFFFFF))
  4303. {
  4304. if((pIPSecMMSA[j].Me.AddrType == Source.AddrType) &&
  4305. (pIPSecMMSA[j].Me.uIpAddr == Source.uIpAddr) && (pIPSecMMSA[j].Me.uSubNetMask == Source.uSubNetMask))
  4306. {
  4307. bFound = TRUE;
  4308. }
  4310. }
  4311. //Enumerate me/any as dst
  4312. else if((Source.AddrType == IP_ADDR_UNIQUE) && (Destination.AddrType != IP_ADDR_UNIQUE) &&
  4313. (Source.uIpAddr == 0xFFFFFFFF ) && (Destination.uIpAddr != 0xFFFFFFFF))
  4314. {
  4315. if( (pIPSecMMSA[j].Peer.AddrType == Destination.AddrType)
  4316. && (pIPSecMMSA[j].Peer.uIpAddr == Destination.uIpAddr)
  4317. && (pIPSecMMSA[j].Peer.uSubNetMask == Destination.uSubNetMask))
  4318. {
  4319. bFound = TRUE;
  4320. }
  4321. }
  4322. //Enumerate me/any as source/dst
  4323. else if((Source.AddrType != IP_ADDR_UNIQUE) && (Destination.AddrType != IP_ADDR_UNIQUE) &&
  4324. (Source.uIpAddr != 0xFFFFFFFF ) && (Destination.uIpAddr != 0xFFFFFFFF))
  4325. {
  4326. if((pIPSecMMSA[j].Me.AddrType == Source.AddrType)
  4327. && (pIPSecMMSA[j].Me.uIpAddr == Source.uIpAddr)
  4328. && (pIPSecMMSA[j].Me.uSubNetMask == Source.uSubNetMask)
  4329. && (pIPSecMMSA[j].Peer.AddrType == Destination.AddrType)
  4330. && (pIPSecMMSA[j].Peer.uIpAddr == Destination.uIpAddr)
  4331. && (pIPSecMMSA[j].Peer.uSubNetMask == Destination.uSubNetMask))
  4332. {
  4333. bFound = TRUE;
  4334. }
  4336. }
  4337. //Enumerate Only given source SPL_SRVR MMSAs
  4338. else if((Source.AddrType != IP_ADDR_UNIQUE) && (Destination.AddrType == IP_ADDR_UNIQUE) &&
  4339. (Source.uIpAddr == 0xFFFFFFFF ) && (Destination.uIpAddr == 0xFFFFFFFF))
  4340. {
  4341. if(pIPSecMMSA[j].Me.AddrType == Source.AddrType)
  4342. {
  4343. bFound = TRUE;
  4344. }
  4346. }
  4347. //Enumerate Only given dst SPL_SRVR MMSAs
  4348. else if((Source.AddrType == IP_ADDR_UNIQUE) && (Destination.AddrType != IP_ADDR_UNIQUE) &&
  4349. (Source.uIpAddr == 0xFFFFFFFF ) && (Destination.uIpAddr == 0xFFFFFFFF))
  4350. {
  4351. if(pIPSecMMSA[j].Peer.AddrType == Destination.AddrType)
  4352. {
  4353. bFound = TRUE;
  4354. }
  4355. }
  4356. //Enumerate Only given src&dst MMSAs
  4357. else if((Source.uIpAddr != 0xFFFFFFFF) && (Destination.uIpAddr != 0xFFFFFFFF))
  4358. {
  4359. if((pIPSecMMSA[j].Me.uIpAddr == Source.uIpAddr) && (pIPSecMMSA[j].Peer.uIpAddr == Destination.uIpAddr))
  4360. {
  4361. bFound = TRUE;
  4362. }
  4363. }
  4364. //Enumerate Only given source MMSAs
  4365. else if((Source.uIpAddr != 0xFFFFFFFF) && (Destination.uIpAddr == 0xFFFFFFFF))
  4366. {
  4367. if(pIPSecMMSA[j].Me.uIpAddr == Source.uIpAddr)
  4368. {
  4369. bFound = TRUE;
  4370. }
  4371. }
  4372. //Enumerate Only given dst MMSAs
  4373. else if((Source.uIpAddr == 0xFFFFFFFF) && (Destination.uIpAddr != 0xFFFFFFFF))
  4374. {
  4375. if(pIPSecMMSA[j].Peer.uIpAddr == Destination.uIpAddr)
  4376. {
  4377. bFound = TRUE;
  4378. }
  4379. }
  4381. //Finally print it is found...
  4382. if(bFound)
  4383. {
  4384. if(!bHeader)
  4385. {
  4386. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_IKE_SA_HEADING,szTime);
  4387. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMF_UNDERLINE);
  4388. if(bFormat)
  4389. {
  4390. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DST_SEC_HEADING);
  4391. //This is place holder for date and time created...
  4392. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNDERLINE);
  4393. }
  4394. bHeader = TRUE;
  4395. }
  4396. PrintMMSas(pIPSecMMSA[j], bFormat, addressHash, bResolveDNS);
  4397. }
  4399. }
  4401. SPDApiBufferFree(pIPSecMMSA);
  4402. pIPSecMMSA=NULL;
  4404. if(dwReserved == 0) //this is API requirement
  4405. {
  4406. BAIL_OUT;
  4407. }
  4408. }
  4410. error:
  4411. if(pIPSecMMSA)
  4412. {
  4413. SPDApiBufferFree(pIPSecMMSA);
  4414. pIPSecMMSA=NULL;
  4415. }
  4416. if(bHeader == FALSE)
  4417. {
  4418. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  4419. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_MMSAS_6);
  4420. }
  4423. return dwReturn;
  4424. }
  4427. ///////////////////////////////////////////////////////////////////////////////////////////
  4428. //
  4429. //Function: PrintMMSas
  4430. //
  4431. //Date of Creation: 9-3-2001
  4432. //
  4433. //Parameters:
  4434. //
  4435. // IN IPSEC_MM_SA MMsas,
  4436. // IN BOOL bFormat
  4437. // IN NshHashTable& addressHash
  4438. // IN BOOL bResolveDNS
  4439. //
  4440. //Return: VOID
  4441. //
  4442. //Description: This function prints data for MMsas
  4443. //
  4444. // Date Author Comments
  4445. //
  4446. //////////////////////////////////////////////////////////////////////////////////////////
  4448. VOID
  4449. PrintMMSas(
  4450. IN IPSEC_MM_SA MMsas,
  4451. IN BOOL bFormat,
  4452. IN NshHashTable& addressHash,
  4453. IN BOOL bResolveDNS
  4454. )
  4455. {
  4456. DWORD i = 0;
  4457. BYTE* pbData = NULL;
  4458. DWORD dwLenth = 0;
  4460. if(!bFormat)//List
  4461. {
  4462. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_COOKIE_PAIR);
  4463. pbData = (BYTE*)&(MMsas.MMSpi.Initiator);
  4464. dwLenth = sizeof(IKE_COOKIE);
  4465. for(i=0; i<dwLenth; i++)
  4466. {
  4467. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_COOKIE,pbData[i]);
  4468. }
  4470. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_COLON);
  4472. pbData = (BYTE*)&(MMsas.MMSpi.Responder);
  4473. for(i=0; i<dwLenth; i++)
  4474. {
  4475. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_COOKIE,pbData[i]);
  4476. }
  4478. //Created time required clarification
  4479. //Security Methods
  4480. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SEC_METHOD_HEADING);
  4482. switch(MMsas.SelectedMMOffer.EncryptionAlgorithm.uAlgoIdentifier)
  4483. {
  4484. case CONF_ALGO_NONE:
  4485. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4486. break;
  4487. case CONF_ALGO_DES:
  4488. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DES_ALGO);
  4489. break;
  4490. case CONF_ALGO_3_DES:
  4491. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NO_SA_FOUND_MSGDES_ALGO);
  4492. break;
  4493. default:
  4494. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4495. break;
  4496. }
  4498. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SLASH);
  4500. switch(MMsas.SelectedMMOffer.HashingAlgorithm.uAlgoIdentifier)
  4501. {
  4502. case AUTH_ALGO_NONE:
  4503. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4504. break;
  4505. case AUTH_ALGO_MD5:
  4506. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_MD5_ALGO);
  4507. break;
  4508. case AUTH_ALGO_SHA1:
  4509. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SHA1_ALGO);
  4510. break;
  4511. default:
  4512. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4513. break;
  4514. }
  4515. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DH_LIFETIME,MMsas.SelectedMMOffer.dwDHGroup, MMsas.SelectedMMOffer.Lifetime.uKeyExpirationTime);
  4517. //Authentication Mode
  4518. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_AUTH_MODE_HEADING);
  4519. switch(MMsas.MMAuthEnum)
  4520. {
  4521. case IKE_PRESHARED_KEY:
  4522. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_PRE_KEY);
  4523. break;
  4524. case IKE_DSS_SIGNATURE:
  4525. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DSS_SIGN);
  4526. break;
  4527. case IKE_RSA_SIGNATURE:
  4528. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_RSA_SIGN);
  4529. break;
  4530. case IKE_RSA_ENCRYPTION:
  4531. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_RSA_ENCRYPT);
  4532. break;
  4533. case IKE_SSPI:
  4534. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_KERBEROS);
  4535. break;
  4536. default:
  4537. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4538. break;
  4539. }
  4541. //Source address:
  4542. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SRC_HEADING);
  4543. PrintAddr(MMsas.Me, addressHash, false);
  4544. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_PORT,MMsas.UdpEncapContext.wSrcEncapPort);
  4545. if(bResolveDNS)
  4546. {
  4547. PrintAddrStr(&(MMsas.Me), addressHash);
  4548. }
  4549. switch(MMsas.MMAuthEnum)
  4550. {
  4551. case IKE_PRESHARED_KEY:
  4552. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_HEADING);
  4553. PrintAddr(MMsas.Me, addressHash, bResolveDNS);
  4554. break;
  4555. case IKE_DSS_SIGNATURE:
  4556. case IKE_RSA_SIGNATURE:
  4557. case IKE_RSA_ENCRYPTION:
  4558. if(MMsas.MyCertificateChain.pBlob) {
  4559. PrintSACertInfo(MMsas);
  4560. }
  4561. else if(MMsas.MyId.pBlob){
  4562. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_VALUE,(LPTSTR)(MMsas.MyId.pBlob));
  4563. }
  4564. break;
  4565. case IKE_SSPI:
  4566. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_VALUE,(LPTSTR)(MMsas.MyId.pBlob));
  4567. break;
  4568. default:
  4569. break;
  4570. }
  4572. //Destination address:
  4573. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DST_HEADING);
  4574. PrintAddr(MMsas.Peer, addressHash, false);
  4575. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_PORT,MMsas.UdpEncapContext.wDesEncapPort);
  4576. if(bResolveDNS)
  4577. {
  4578. PrintAddrStr(&(MMsas.Peer), addressHash);
  4579. }
  4580. switch(MMsas.MMAuthEnum)
  4581. {
  4582. case IKE_PRESHARED_KEY:
  4583. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_HEADING);
  4584. PrintAddr(MMsas.Peer, addressHash, bResolveDNS);
  4585. break;
  4586. case IKE_DSS_SIGNATURE:
  4587. case IKE_RSA_SIGNATURE:
  4588. case IKE_RSA_ENCRYPTION:
  4589. if(MMsas.PeerCertificateChain.pBlob) {
  4590. PrintSACertInfo(MMsas);
  4591. }
  4592. else if(MMsas.PeerId.pBlob){
  4593. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_VALUE,(LPTSTR)(MMsas.PeerId.pBlob));
  4594. }
  4595. break;
  4596. case IKE_SSPI:
  4597. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_VALUE,(LPTSTR)(MMsas.PeerId.pBlob));
  4598. break;
  4599. default:
  4600. break;
  4601. }
  4602. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  4603. }
  4604. else // Table output
  4605. {
  4606. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  4608. PrintAddr(MMsas.Me, addressHash, bResolveDNS);
  4609. switch(MMsas.MMAuthEnum)
  4610. {
  4611. case IKE_PRESHARED_KEY:
  4612. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4613. break;
  4614. case IKE_DSS_SIGNATURE:
  4615. case IKE_RSA_SIGNATURE:
  4616. case IKE_RSA_ENCRYPTION:
  4617. //This is a place holder for id
  4618. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4619. break;
  4620. case IKE_SSPI:
  4621. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_KERB_ID, (LPTSTR)(MMsas.MyId.pBlob));
  4622. break;
  4623. default:
  4624. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4625. break;
  4626. }
  4628. //Security Methods
  4629. switch(MMsas.SelectedMMOffer.EncryptionAlgorithm.uAlgoIdentifier)
  4630. {
  4631. case CONF_ALGO_NONE:
  4632. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4633. break;
  4634. case CONF_ALGO_DES:
  4635. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DES_ALGO);
  4636. break;
  4637. case CONF_ALGO_3_DES:
  4638. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NO_SA_FOUND_MSGDES_ALGO);
  4639. break;
  4640. default:
  4641. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4642. break;
  4643. }
  4645. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SLASH);
  4647. switch(MMsas.SelectedMMOffer.HashingAlgorithm.uAlgoIdentifier)
  4648. {
  4649. case AUTH_ALGO_NONE:
  4650. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4651. break;
  4652. case AUTH_ALGO_MD5:
  4653. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_MD5_ALGO);
  4654. break;
  4655. case AUTH_ALGO_SHA1:
  4656. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SHA1_ALGO);
  4657. break;
  4658. default:
  4659. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4660. break;
  4661. }
  4662. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DH_LIFETIME,MMsas.SelectedMMOffer.dwDHGroup, MMsas.SelectedMMOffer.Lifetime.uKeyExpirationTime);
  4664. if(bResolveDNS)
  4665. {
  4666. PrintAddrStr(&(MMsas.Me), addressHash, DYNAMIC_SHOW_MMSAS_DNS);
  4667. }
  4670. //One set over next set starts
  4671. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  4673. PrintAddr(MMsas.Peer, addressHash, bResolveDNS);
  4674. switch(MMsas.MMAuthEnum)
  4675. {
  4676. case IKE_PRESHARED_KEY:
  4677. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4678. //" "
  4679. break;
  4680. case IKE_DSS_SIGNATURE:
  4681. case IKE_RSA_SIGNATURE:
  4682. case IKE_RSA_ENCRYPTION:
  4683. //This is a place holder for id
  4684. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4685. break;
  4686. case IKE_SSPI:
  4687. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_KERB_PEER_ID, (LPTSTR)(MMsas.PeerId.pBlob));
  4688. break;
  4689. default:
  4690. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SPACE_ADJ);
  4691. break;
  4692. }
  4694. //Sec Methods
  4695. switch(MMsas.SelectedMMOffer.EncryptionAlgorithm.uAlgoIdentifier)
  4696. {
  4697. case CONF_ALGO_NONE:
  4698. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4699. break;
  4700. case CONF_ALGO_DES:
  4701. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DES_ALGO);
  4702. break;
  4703. case CONF_ALGO_3_DES:
  4704. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NO_SA_FOUND_MSGDES_ALGO);
  4705. break;
  4706. default:
  4707. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4708. break;
  4709. }
  4711. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SLASH);
  4713. switch(MMsas.SelectedMMOffer.HashingAlgorithm.uAlgoIdentifier)
  4714. {
  4715. case AUTH_ALGO_NONE:
  4716. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4717. break;
  4718. case AUTH_ALGO_MD5:
  4719. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_MD5_ALGO);
  4720. break;
  4721. case AUTH_ALGO_SHA1:
  4722. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SHA1_ALGO);
  4723. break;
  4724. default:
  4725. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4726. break;
  4727. }
  4729. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_DH_LIFETIME,MMsas.SelectedMMOffer.dwDHGroup, MMsas.SelectedMMOffer.Lifetime.uKeyExpirationTime);
  4731. if(bResolveDNS)
  4732. {
  4733. PrintAddrStr(&(MMsas.Peer), addressHash, DYNAMIC_SHOW_MMSAS_DNS);
  4734. }
  4735. }
  4736. }
  4738. ///////////////////////////////////////////////////////////////////////////////////////////
  4739. //
  4740. //Function: PrintSACertInfo
  4741. //
  4742. //Date of Creation: 9-3-2001
  4743. //
  4744. //Parameters: IN IPSEC_MM_SA& MMsas
  4745. //
  4746. //Return: VOID
  4747. //
  4748. //Description:
  4749. //
  4750. // Date Author Comments
  4751. //
  4752. //////////////////////////////////////////////////////////////////////////////////////////
  4753. VOID
  4754. PrintSACertInfo(
  4755. IN IPSEC_MM_SA& MMsas
  4756. )
  4757. {
  4758. CRYPT_DATA_BLOB pkcsMsg;
  4759. HANDLE hCertStore = NULL;
  4760. PCCERT_CONTEXT pPrevCertContext = NULL;
  4761. PCCERT_CONTEXT pCertContext = NULL;
  4762. _TCHAR pszSubjectName[MAX_STR_LEN] = {0};
  4763. char szThumbPrint[MAX_STR_LEN] = {0};
  4764. BOOL bPrintID = FALSE;
  4765. BOOL bLastCert = FALSE;
  4766. BOOL pCertPrinted = TRUE;
  4769. pkcsMsg.pbData=MMsas.MyCertificateChain.pBlob;
  4770. pkcsMsg.cbData=MMsas.MyCertificateChain.dwSize;
  4772. hCertStore = CertOpenStore( CERT_STORE_PROV_PKCS7,
  4773. MY_ENCODING_TYPE | PKCS_7_ASN_ENCODING,
  4774. NULL,
  4775. CERT_STORE_READONLY_FLAG,
  4776. &pkcsMsg);
  4778. if ( NULL == hCertStore )
  4779. {
  4780. BAIL_OUT;
  4781. }
  4783. while(TRUE)
  4784. {
  4786. pCertContext = CertEnumCertificatesInStore( hCertStore,
  4787. pPrevCertContext);
  4788. if ( NULL == pCertContext )
  4789. {
  4790. bLastCert = TRUE;
  4791. }
  4793. if ( !pCertPrinted )
  4794. {
  4795. //print the certificate
  4796. if ( !bPrintID )
  4797. {
  4798. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ID_VALUE,(LPTSTR)(pszSubjectName));
  4799. bPrintID = TRUE;
  4800. }
  4802. if ( !bLastCert )
  4803. {
  4804. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ISSUE_CA, (LPTSTR) pszSubjectName );
  4805. }
  4806. else
  4807. {
  4808. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_ROOTCA , (LPTSTR) pszSubjectName );
  4809. }
  4811. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_THUMB_PRINT);
  4812. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_THUMBPRINT , szThumbPrint);
  4814. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_HASH_OPEN_BRACKET );
  4815. switch(MMsas.SelectedMMOffer.HashingAlgorithm.uAlgoIdentifier)
  4816. {
  4817. case AUTH_ALGO_NONE:
  4818. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_NONE_ALGO);
  4819. break;
  4820. case AUTH_ALGO_MD5:
  4821. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_MD5_ALGO);
  4822. break;
  4823. case AUTH_ALGO_SHA1:
  4824. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_SHA1_ALGO);
  4825. break;
  4826. default:
  4827. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_UNKNOWN_ALGO);
  4828. break;
  4829. }
  4830. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_MMSAS_HASH_CLOSE_BRACKET);
  4832. pCertPrinted = TRUE;
  4833. }
  4835. if ( bLastCert )
  4836. {
  4837. BAIL_OUT;
  4838. }
  4840. GetSubjectAndThumbprint(pCertContext, pszSubjectName, szThumbPrint);
  4841. pPrevCertContext = pCertContext;
  4842. pCertPrinted = FALSE;
  4844. }
  4846. error:
  4847. if ( hCertStore )
  4848. {
  4849. CertCloseStore(hCertStore, 0 );
  4850. }
  4851. }
  4853. ///////////////////////////////////////////////////////////////////////////////////////////
  4854. //
  4855. //Function: GetNameAudit
  4856. //
  4857. //Date of Creation: 1-3-2002
  4858. //
  4859. //Parameters:
  4860. //
  4861. // IN CRYPT_DATA_BLOB *NameBlob,
  4862. // IN OUT LPTSTR Name,
  4863. // IN DWORD NameBufferSize
  4864. //
  4865. //Return: VOID
  4866. //
  4867. //Description: Translates encoded Name into Unicode string.
  4868. // Buffer already allocated.
  4869. //
  4870. // Date Author Comments
  4871. //
  4872. //////////////////////////////////////////////////////////////////////////////////////////
  4873. DWORD
  4874. GetNameAudit(
  4875. IN CRYPT_DATA_BLOB *NameBlob,
  4876. IN OUT LPTSTR Name,
  4877. IN DWORD NameBufferSize
  4878. )
  4879. {
  4880. DWORD dwCount=0;
  4881. DWORD dwSize = 0;
  4883. dwSize = CertNameToStr(
  4884. MY_ENCODING_TYPE, // Encoding type
  4885. NameBlob, // CRYPT_DATA_BLOB
  4886. CERT_X500_NAME_STR, // Type
  4887. Name, // Place to return string
  4888. NameBufferSize); // Size of string (chars)
  4889. if(dwSize <= 1)
  4890. {
  4891. dwCount = _tcslen(_TEXT(""))+1;
  4892. _tcsncpy(Name, _TEXT(""), dwCount);
  4893. }
  4895. return ERROR_SUCCESS;
  4896. }
  4899. ///////////////////////////////////////////////////////////////////////////////////////////
  4900. //
  4901. // Function : CertGetSHAHash
  4902. //
  4903. // Date of Creation: 1-3-2002
  4904. //
  4905. // Parameters :
  4906. //
  4907. // IN PCCERT_CONTEXT pCertContext,
  4908. // IN OUT BYTE* OutHash
  4909. //
  4910. // Return : DWORD
  4911. //
  4912. // Description : Gets certificate context property
  4913. //
  4914. // Date Author Comments
  4915. //
  4916. //////////////////////////////////////////////////////////////////////////////////////////
  4917. DWORD
  4918. CertGetSHAHash(
  4919. IN PCCERT_CONTEXT pCertContext,
  4920. IN OUT BYTE* OutHash
  4921. )
  4922. {
  4923. DWORD HashSize = SHA_LENGTH - 1;//one less for null termination
  4924. DWORD dwReturn = ERROR_SUCCESS;
  4926. if (!CertGetCertificateContextProperty(pCertContext,
  4927. CERT_SHA1_HASH_PROP_ID,
  4928. (VOID*)OutHash,
  4929. &HashSize))
  4930. {
  4931. dwReturn = GetLastError();
  4932. }
  4934. return dwReturn;
  4935. }
  4937. ///////////////////////////////////////////////////////////////////////////////////////////
  4938. //
  4939. // Function : print_vpi
  4940. //
  4941. // Date of Creation: 1-3-2002
  4942. //
  4943. // Parameters :
  4944. // IN unsigned char *vpi,
  4945. // IN int vpi_len,
  4946. // IN OUT char *msg
  4947. //
  4948. // Return : VOID
  4949. //
  4950. // Description : Prepare string for Cookie
  4951. //
  4952. // Date Author Comments
  4953. //
  4954. //////////////////////////////////////////////////////////////////////////////////////////
  4955. VOID
  4956. print_vpi(
  4957. IN unsigned char *vpi,
  4958. IN int vpi_len,
  4959. IN OUT char *msg
  4960. )
  4961. {
  4962. int i;
  4963. char *p = msg;
  4965. if ((vpi != NULL) && (p != NULL))
  4966. {
  4967. for (i=0; i<vpi_len; i++)
  4968. {
  4969. p += _snprintf(p,1,"%x",vpi[i]);
  4970. }
  4972. *p = 0;
  4973. }
  4974. }
  4976. ///////////////////////////////////////////////////////////////////////////////////////////
  4977. //
  4978. // Function : GetSubjectAndThumbprint
  4979. //
  4980. // Date of Creation: 1-3-2002
  4981. //
  4982. // Parameters :
  4983. // IN PCCERT_CONTEXT pCertContext,
  4984. // IN LPTSTR pszSubjectName,
  4985. // IN LPSTR pszThumbPrint
  4986. //
  4987. // Return : VOID
  4988. //
  4989. // Description : Drills CA and prints thumbprint and Issuing CAs.
  4990. //
  4991. // Date Author Comments
  4992. //
  4993. //////////////////////////////////////////////////////////////////////////////////////////
  4995. VOID
  4996. GetSubjectAndThumbprint(
  4997. IN PCCERT_CONTEXT pCertContext,
  4998. IN LPTSTR pszSubjectName,
  4999. IN LPSTR pszThumbPrint
  5000. )
  5001. {
  5002. DWORD dwReturn = ERROR_SUCCESS;
  5003. CRYPT_DATA_BLOB NameBlob;
  5004. BYTE CertHash[SHA_LENGTH] = {0};
  5006. NameBlob = pCertContext->pCertInfo->Subject;
  5008. dwReturn = GetNameAudit(&NameBlob,pszSubjectName,MAX_STR_LEN);
  5010. if(dwReturn == ERROR_SUCCESS)
  5011. {
  5012. dwReturn = CertGetSHAHash(pCertContext,CertHash);
  5013. }
  5015. if(dwReturn == ERROR_SUCCESS)
  5016. {
  5017. print_vpi(CertHash, SHA_LENGTH, pszThumbPrint);
  5018. }
  5019. }
  5021. ///////////////////////////////////////////////////////////////////////////////////////////
  5022. //
  5023. // Function : ShowQMSas
  5024. //
  5025. // Date of Creation: 9-3-2001
  5026. //
  5027. // Parameters : IN IPAddr source,
  5028. // IN IPAddr destination,
  5029. // IN DWORD dwProtocol
  5030. // IN NshHashTable& addressHash
  5031. // IN BOOL bResolveDNS
  5032. //
  5033. // Return : DWORD
  5034. //
  5035. // Description : This function prepares data for QMsas
  5036. //
  5037. // Date Author Comments
  5038. //
  5039. //////////////////////////////////////////////////////////////////////////////////////////
  5041. DWORD
  5042. ShowQMSas(
  5043. IN ADDR Source,
  5044. IN ADDR Destination,
  5045. IN DWORD dwProtocol,
  5046. IN NshHashTable& addressHash,
  5047. IN BOOL bResolveDNS
  5048. )
  5049. {
  5050. DWORD dwReturn = ERROR_SUCCESS; // success by default
  5051. DWORD i=0, j=0;
  5052. DWORD dwResumeHandle = 0; // handle for continuation calls
  5053. DWORD dwCount =2; // counting objects here min 2 required
  5054. PIPSEC_QM_SA pIPSecQMSA = NULL; // for QM SA calls
  5055. DWORD dwReserved =0; // reserved container
  5056. DWORD dwVersion = 0;
  5057. BOOL bFound = FALSE;
  5058. BOOL bHeader = FALSE;
  5059. BOOL bContinue = TRUE;
  5061. // make the call(s)
  5062. for (i = 0; ;i+=dwCount)
  5063. {
  5064. dwReturn = EnumQMSAs(g_szDynamicMachine, dwVersion , NULL, 0, 0, &pIPSecQMSA, &dwCount, &dwReserved, &dwResumeHandle, NULL);
  5065. if (dwReturn == ERROR_NO_DATA || dwCount == 0)
  5066. {
  5067. if (i == 0)
  5068. {
  5069. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5070. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMSAS_3);
  5071. bHeader = TRUE; //To Block other error message
  5072. }
  5073. dwReturn = ERROR_SUCCESS;
  5074. BAIL_OUT;
  5075. }
  5076. if (dwReturn != ERROR_SUCCESS)
  5077. {
  5078. BAIL_OUT;
  5079. }
  5080. for (j = 0; j < dwCount; j++)
  5081. {
  5082. bFound = FALSE;
  5083. bContinue = TRUE;
  5084. //Source is a SPL_SERVER
  5085. if((Source.AddrType != IP_ADDR_UNIQUE) && bContinue)
  5086. {
  5087. if(pIPSecQMSA[j].IpsecQMFilter.SrcAddr.AddrType == Source.AddrType)
  5088. {
  5089. bFound = TRUE;
  5090. }
  5091. else
  5092. {
  5093. bFound = FALSE;
  5094. bContinue= FALSE;
  5095. }
  5096. }
  5097. //Destination is a SPL_SERVER
  5098. if((Destination.AddrType != IP_ADDR_UNIQUE)&& bContinue)
  5099. {
  5100. if(pIPSecQMSA[j].IpsecQMFilter.DesAddr.AddrType == Destination.AddrType)
  5101. {
  5102. bFound = TRUE;
  5103. }
  5104. else
  5105. {
  5106. bFound = FALSE;
  5107. bContinue= FALSE;
  5108. }
  5109. }
  5110. //Source Addr specie
  5111. if((Source.uIpAddr != 0xFFFFFFFF)&& bContinue)
  5112. {
  5113. if(pIPSecQMSA[j].IpsecQMFilter.SrcAddr.uIpAddr == Source.uIpAddr)
  5114. {
  5115. bFound = TRUE;
  5116. }
  5117. else
  5118. {
  5119. bFound = FALSE;
  5120. bContinue= FALSE;
  5121. }
  5122. }
  5123. // Check for me/any
  5124. // 0x55555555 is an invalid mask. In parent function mask is initialized with this value.
  5125. // If user gives the input then this will be overwritten.
  5126. if((Source.uSubNetMask != 0x55555555)&& bContinue)
  5127. {
  5128. if(pIPSecQMSA[j].IpsecQMFilter.SrcAddr.uSubNetMask == Source.uSubNetMask)
  5129. {
  5130. bFound = TRUE;
  5131. }
  5132. else
  5133. {
  5134. bFound = FALSE;
  5135. bContinue= FALSE;
  5136. }
  5137. }
  5138. //Dst Addr
  5139. if((Destination.uIpAddr != 0xFFFFFFFF)&& bContinue)
  5140. {
  5141. if(pIPSecQMSA[j].IpsecQMFilter.DesAddr.uIpAddr == Destination.uIpAddr)
  5142. {
  5143. bFound = TRUE;
  5144. }
  5145. else
  5146. {
  5147. bFound = FALSE;
  5148. bContinue= FALSE;
  5149. }
  5150. }
  5151. //
  5152. // Check for me/any
  5153. // 0x55555555 is an invalid mask. In parent function mask is initialized with this value.
  5154. // If user gives the input then this will be overwritten.
  5155. //
  5156. if((Destination.uSubNetMask != 0x55555555)&& bContinue)
  5157. {
  5158. if(pIPSecQMSA[j].IpsecQMFilter.DesAddr.uSubNetMask == Destination.uSubNetMask)
  5159. {
  5160. bFound = TRUE;
  5161. }
  5162. else
  5163. {
  5164. bFound = FALSE;
  5165. bContinue= FALSE;
  5166. }
  5167. }
  5168. //Protocol specified
  5169. if((dwProtocol != 0xFFFFFFFF)&& bContinue)
  5170. {
  5171. if(pIPSecQMSA[j].IpsecQMFilter.Protocol.dwProtocol == dwProtocol)
  5172. {
  5173. bFound = TRUE;
  5174. }
  5175. else
  5176. {
  5177. bFound = FALSE;
  5178. bContinue= FALSE;
  5179. }
  5180. }
  5181. //
  5182. // AllQmsas
  5183. //
  5184. if((Source.uIpAddr == 0xFFFFFFFF ) && (Destination.uIpAddr == 0xFFFFFFFF) &&
  5185. (Source.AddrType == IP_ADDR_UNIQUE) && (Destination.AddrType == IP_ADDR_UNIQUE) &&
  5186. (dwProtocol == 0xFFFFFFFF))
  5187. {
  5188. bFound = TRUE;
  5189. }
  5191. if(bFound)
  5192. {
  5193. if(!bHeader)
  5194. {
  5195. //
  5196. // Display main mode SAs
  5197. //
  5198. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_HEADING);
  5199. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_UNDERLINE);
  5200. bHeader = TRUE;
  5201. }
  5202. PrintQMSAFilter(pIPSecQMSA[j], addressHash, bResolveDNS);
  5203. }
  5204. }
  5206. if(dwReserved == 0)
  5207. {
  5208. //
  5209. // This API requirement
  5210. //
  5211. BAIL_OUT;
  5212. }
  5214. SPDApiBufferFree(pIPSecQMSA);
  5215. pIPSecQMSA=NULL;
  5216. }
  5218. error:
  5219. //error path clean up
  5220. if(pIPSecQMSA)
  5221. {
  5222. SPDApiBufferFree(pIPSecQMSA);
  5223. }
  5224. if(bHeader == FALSE)
  5225. {
  5226. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5227. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SHOW_QMSAS_4);
  5228. }
  5230. return dwReturn;
  5231. }
  5233. ///////////////////////////////////////////////////////////////////////////////////////////
  5234. //
  5235. // Function : PrintQMSas
  5236. //
  5237. // Date of Creation: 9-3-2001
  5238. //
  5239. // Parameters : IN IPSEC_MM_SA QMOffer
  5240. //
  5241. // Return : VOID
  5242. //
  5243. // Description : This function displays quickmode offer details for security associations.
  5244. //
  5245. // Date Author Comments
  5246. //
  5247. //////////////////////////////////////////////////////////////////////////////////////////
  5249. VOID
  5250. PrintQMSas(
  5251. IN IPSEC_QM_OFFER QMOffer
  5252. )
  5253. {
  5254. DWORD i = 0;
  5256. if(QMOffer.dwNumAlgos >0)
  5257. {
  5258. for (i = 0; i < QMOffer.dwNumAlgos; i++)
  5259. {
  5260. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5262. //print Authentication algorithms
  5263. if(QMOffer.Algos[i].Operation == AUTHENTICATION)
  5264. {
  5265. switch(QMOffer.Algos[i].uAlgoIdentifier)
  5266. {
  5267. case 1:
  5268. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_MD5_NONE_NONE_ALGO, QMOffer.Algos[i].uAlgoKeyLen, QMOffer.Algos[i].uAlgoRounds);
  5269. break;
  5270. case 2:
  5271. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_SHA1_NONE_NONE_ALGO, QMOffer.Algos[i].uAlgoKeyLen, QMOffer.Algos[i].uAlgoRounds);
  5272. break;
  5273. case 0:
  5274. default:
  5275. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_NONE_NONE_ALGO);
  5276. break;
  5277. }
  5278. }
  5279. else if(QMOffer.Algos[i].Operation == ENCRYPTION)
  5280. {
  5281. //print Hash algorithms
  5282. switch(QMOffer.Algos[i].uAlgoIdentifier)
  5283. {
  5284. case 1:
  5285. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_DES_ALGO, QMOffer.Algos[i].uAlgoKeyLen, QMOffer.Algos[i].uAlgoRounds);
  5286. break;
  5287. case 2:
  5288. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_UNKNOWN_ALGO);
  5289. break;
  5290. case 3:
  5291. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_3DES_ALGO, QMOffer.Algos[i].uAlgoKeyLen, QMOffer.Algos[i].uAlgoRounds);
  5292. break;
  5293. case 0:
  5294. default:
  5295. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_NONE_ALGO);
  5296. break;
  5297. }
  5299. if (QMOffer.Algos[i].uSecAlgoIdentifier != HMAC_AUTH_ALGO_NONE)
  5300. switch(QMOffer.Algos[i].uSecAlgoIdentifier)
  5301. {
  5302. case 1:
  5303. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_MD5_ALGO);
  5304. break;
  5305. case 2:
  5306. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_SHA1_ALGO);
  5307. break;
  5308. case 0:
  5309. default:
  5310. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_ALGO);
  5311. break;
  5312. }
  5313. else
  5314. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_SPACE_ALGO);
  5315. }
  5316. else
  5317. {
  5318. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMP_SAS_NONE_NONE_NONE_ALGO);
  5319. }
  5321. PrintMessageFromModule(g_hModule, QMPFSDHGroup(QMOffer.dwPFSGroup));
  5322. }
  5323. }
  5324. }
  5326. ///////////////////////////////////////////////////////////////////////////////////////////
  5327. //
  5328. // Function : PrintQMSAFilter
  5329. //
  5330. // Date of Creation: 9-3-2001
  5331. //
  5332. // Parameters : IN IPSEC_QM_SA QMsa
  5333. // IN NshHashTable& addressHash
  5334. // IN BOOL bResolveDNS
  5335. //
  5336. // Return : DWORD
  5337. //
  5338. // Description : This function displays quickmode filter details for Security associations.
  5339. //
  5340. // Date Author Comments
  5341. //
  5342. //////////////////////////////////////////////////////////////////////////////////////////
  5344. DWORD
  5345. PrintQMSAFilter(
  5346. IN IPSEC_QM_SA QMsa,
  5347. IN NshHashTable& addressHash,
  5348. IN BOOL bResolveDNS
  5349. )
  5350. {
  5351. DWORD dwReturn = 0;
  5352. DWORD dwVersion = 0;
  5353. PIPSEC_QM_POLICY pIPSecQMP = NULL;
  5355. //Print Tunnel or Transport type
  5356. switch(QMsa.IpsecQMFilter.QMFilterType)
  5357. {
  5358. case QM_TRANSPORT_FILTER:
  5359. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TRANSPORT_FILTER_HEADING);
  5360. break;
  5361. case QM_TUNNEL_FILTER:
  5362. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_FILTER_HEADING);
  5363. break;
  5364. default:
  5365. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_UNKNOWN);
  5366. break;
  5367. }
  5369. //print qmpolicy name
  5370. dwReturn = GetQMPolicyByID(g_szDynamicMachine, dwVersion, QMsa.gQMPolicyID, 0, &pIPSecQMP, NULL);
  5371. if(dwReturn == ERROR_SUCCESS)
  5372. {
  5373. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_POL_NAME_HEADING, pIPSecQMP[0].pszPolicyName);
  5374. }
  5376. //Print source and destination point.
  5377. if (QMsa.IpsecQMFilter.QMFilterType == QM_TUNNEL_FILTER)
  5378. {
  5379. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_SRC);
  5380. PrintAddr(QMsa.IpsecQMFilter.MyTunnelEndpt, addressHash, bResolveDNS);
  5381. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_TUNNEL_DST);
  5382. PrintAddr(QMsa.IpsecQMFilter.PeerTunnelEndpt, addressHash, bResolveDNS);
  5383. }
  5385. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_ADDR_HEADING);
  5386. PrintAddr(QMsa.IpsecQMFilter.SrcAddr, addressHash, bResolveDNS);
  5387. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_ADDR_HEADING);
  5388. PrintAddr(QMsa.IpsecQMFilter.DesAddr, addressHash, bResolveDNS);
  5390. //Print protocol
  5391. switch(QMsa.IpsecQMFilter.Protocol.dwProtocol)
  5392. {
  5393. case PROT_ID_ICMP:
  5394. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_ICMP);
  5395. break;
  5396. case PROT_ID_TCP:
  5397. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_TCP);
  5398. break;
  5399. case PROT_ID_UDP:
  5400. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_UDP);
  5401. break;
  5402. case PROT_ID_RAW:
  5403. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_RAW);
  5404. break;
  5405. case PROT_ID_ANY:
  5406. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_ANY);
  5407. break;
  5408. default:
  5409. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PROTO_HEADING, QMsa.IpsecQMFilter.Protocol.dwProtocol);
  5410. break;
  5411. }
  5413. //print source and destination port
  5414. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_SRC_PORT, QMsa.IpsecQMFilter.SrcPort.wPort);
  5415. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DST_PORT, QMsa.IpsecQMFilter.DesPort.wPort);
  5417. //print Inbound and outbound filteractions
  5418. switch(QMsa.IpsecQMFilter.dwFlags)
  5419. {
  5420. case FILTER_DIRECTION_INBOUND:
  5421. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DIRECTION_INBOUND);
  5422. break;
  5423. case FILTER_DIRECTION_OUTBOUND:
  5424. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DIRECTION_OUTBOUND);
  5425. break;
  5426. default:
  5427. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DIRECTION_ERR);
  5428. break;
  5429. }
  5431. //print encapsulation details
  5432. if (QMsa.EncapInfo.SAEncapType != SA_UDP_ENCAP_TYPE_NONE)
  5433. {
  5434. if(QMsa.EncapInfo.SAEncapType == SA_UDP_ENCAP_TYPE_IKE)
  5435. {
  5436. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_ENCAP_IKE);
  5437. }
  5438. else
  5439. {
  5440. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_ENCAP_OTHER);
  5441. }
  5442. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_SRC_UDP_PORT, QMsa.EncapInfo.UdpEncapContext.wSrcEncapPort);
  5443. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_DST_UDP_PORT, QMsa.EncapInfo.UdpEncapContext.wDesEncapPort);
  5444. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_PEER_ADDR);
  5445. PrintAddr(QMsa.EncapInfo.PeerPrivateAddr, addressHash, bResolveDNS);
  5446. }
  5447. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_OFFER);
  5448. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_COLUMN_HEADING);
  5449. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_QMSAS_COLUMN_UNDERLINE);
  5450. PrintQMSas(QMsa.SelectedQMOffer);
  5452. return dwReturn;
  5453. }
  5455. ///////////////////////////////////////////////////////////////////////////////////////////
  5456. //
  5457. // Function : ShowRegKeys
  5458. //
  5459. // Date of Creation: 9-3-2001
  5460. //
  5461. // Parameters : VOID
  5462. //
  5463. // Return : DWORD
  5464. //
  5465. // Description : This function displays ipsec configuration keys.
  5466. //
  5467. // Date Author Comments
  5468. //
  5469. //////////////////////////////////////////////////////////////////////////////////////////
  5471. DWORD
  5472. ShowRegKeys(
  5473. VOID
  5474. )
  5475. {
  5476. DWORD dwReturn = ERROR_SUCCESS;
  5477. DWORD dwKeyDataSize = sizeof(DWORD);
  5478. DWORD dwKeyDataType = REG_DWORD;
  5479. DWORD dwKeyData = 0;
  5480. IKE_CONFIG IKEConfig;
  5481. HKEY hRegistryKey = NULL;
  5482. LPTSTR lpBootMode;
  5483. PIPSEC_EXEMPT_ENTRY pAllEntries = NULL;
  5485. ZeroMemory( &IKEConfig, sizeof(IKE_CONFIG) );
  5487. dwReturn = RegOpenKeyEx(g_hGlobalRegistryKey, REGKEY_GLOBAL, 0, KEY_QUERY_VALUE, &hRegistryKey);
  5489. if(dwReturn != ERROR_SUCCESS)
  5490. {
  5491. BAIL_OUT;
  5492. }
  5494. dwReturn = GetConfigurationVariables(g_szDynamicMachine, &IKEConfig);
  5496. if(dwReturn != ERROR_SUCCESS)
  5497. {
  5498. //Print default values
  5499. IKEConfig.dwEnableLogging = IKE_LOG_DEFAULT;
  5500. IKEConfig.dwStrongCRLCheck = STRONG_CRL_DEFAULT;
  5501. dwReturn = ERROR_SUCCESS;
  5503. }
  5504. //print registry key headings
  5506. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_HEADING);
  5507. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_HEADING_UNDERLINE);
  5509. dwKeyData = IPSEC_DIAG_DEFAULT;
  5510. dwReturn = RegQueryValueEx(hRegistryKey, ENABLE_DIAG, 0, &dwKeyDataType, (BYTE*)&dwKeyData, &dwKeyDataSize);
  5511. if ((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_FILE_NOT_FOUND))
  5512. {
  5513. BAIL_OUT;
  5514. }
  5515. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_DIAG, dwKeyData);
  5517. //Print GetConfig values
  5518. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IKE_LOG, IKEConfig.dwEnableLogging);
  5519. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_STRONG_CRL, IKEConfig.dwStrongCRLCheck);
  5521. dwKeyData = 0;
  5522. dwKeyData = ENABLE_LOGINT_DEFAULT;
  5523. dwReturn = RegQueryValueEx(hRegistryKey, ENABLE_LOGINT, 0, &dwKeyDataType, (BYTE*)&dwKeyData, &dwKeyDataSize);
  5524. if ((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_FILE_NOT_FOUND))
  5525. {
  5526. BAIL_OUT;
  5527. }
  5528. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_LOG, dwKeyData);
  5530. dwKeyData = 0;
  5531. dwKeyData = ENABLE_EXEMPT_DEFAULT;
  5532. dwReturn = RegQueryValueEx(hRegistryKey, ENABLE_EXEMPT, 0, &dwKeyDataType, (BYTE*)&dwKeyData, &dwKeyDataSize);
  5533. if ((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_FILE_NOT_FOUND))
  5534. {
  5535. BAIL_OUT;
  5536. }
  5537. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_EXEMPT, dwKeyData);
  5539. dwKeyData = BOOTMODE_DEFAULT;
  5540. dwReturn = RegQueryValueEx(hRegistryKey, BOOTMODEKEY, 0, &dwKeyDataType, (BYTE*)&dwKeyData, &dwKeyDataSize);
  5541. if ((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_FILE_NOT_FOUND))
  5542. {
  5543. BAIL_OUT;
  5544. }
  5546. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE);
  5547. switch (dwKeyData)
  5548. {
  5549. case VALUE_STATEFUL:
  5550. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_STATEFUL);
  5551. break;
  5552. case VALUE_BLOCK:
  5553. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_BLOCK);
  5554. break;
  5555. case VALUE_PERMIT:
  5556. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_PERMIT);
  5557. break;
  5558. default:
  5559. dwReturn = ERROR_INVALID_DATA;
  5560. break;
  5561. }
  5562. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5563. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPTIONS_HEADER_1);
  5565. dwKeyDataSize = 0;
  5566. dwReturn = RegQueryValueEx(hRegistryKey, BOOTEXEMPTKEY, 0, 0, NULL, &dwKeyDataSize);
  5567. if (dwReturn == ERROR_FILE_NOT_FOUND)
  5568. {
  5569. dwReturn = ERROR_SUCCESS;
  5570. }
  5571. else if (dwReturn != ERROR_SUCCESS)
  5572. {
  5573. BAIL_OUT;
  5574. }
  5576. if (dwKeyDataSize == 0)
  5577. {
  5578. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPTIONS_NO_EXEMPTIONS);
  5579. }
  5580. else if ((dwKeyDataSize % sizeof(IPSEC_EXEMPT_ENTRY)) != 0)
  5581. {
  5582. dwReturn = ERROR_INVALID_DATA;
  5583. BAIL_OUT;
  5584. }
  5585. else
  5586. {
  5587. size_t uiNumEntries = dwKeyDataSize / sizeof(IPSEC_EXEMPT_ENTRY);
  5588. pAllEntries = new IPSEC_EXEMPT_ENTRY[uiNumEntries];
  5589. if (pAllEntries == NULL)
  5590. {
  5591. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  5592. BAIL_OUT;
  5593. }
  5595. dwReturn = RegQueryValueEx(hRegistryKey, BOOTEXEMPTKEY, 0, 0, (BYTE*)pAllEntries, &dwKeyDataSize);
  5596. if (dwReturn != ERROR_SUCCESS)
  5597. {
  5598. BAIL_OUT;
  5599. }
  5601. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5602. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPTIONS_HEADER_2);
  5603. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPTIONS_HEADER_3);
  5605. for (size_t i = 0; i < uiNumEntries; ++i)
  5606. {
  5607. PIPSEC_EXEMPT_ENTRY pEntry = pAllEntries + i;
  5609. switch (pEntry->Protocol)
  5610. {
  5611. case PROT_ID_TCP:
  5612. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_TCP);
  5613. break;
  5614. case PROT_ID_UDP:
  5615. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_UDP);
  5616. break;
  5617. case PROT_ID_ICMP:
  5618. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_ICMP);
  5619. break;
  5620. case PROT_ID_RAW:
  5621. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_RAW);
  5622. break;
  5623. case PROT_ID_ANY:
  5624. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_REG_IPSEC_BOOTMODE_ANY);
  5625. break;
  5626. default:
  5627. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPT_INTEGER, (int)pEntry->Protocol);
  5628. break;
  5629. }
  5631. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPT_PORT, (int)pEntry->SrcPort);
  5632. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPT_PORT, (int)pEntry->DestPort);
  5634. switch (pEntry->Direction)
  5635. {
  5636. case (EXEMPT_DIRECTION_INBOUND):
  5637. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPT_DIRECTION_IN);
  5638. break;
  5639. case (EXEMPT_DIRECTION_OUTBOUND):
  5640. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_BOOTMODE_EXEMPT_DIRECTION_OUT);
  5641. break;
  5642. default:
  5643. dwReturn = ERROR_INVALID_DATA;
  5644. BAIL_OUT;
  5645. }
  5646. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  5647. }
  5648. }
  5650. error:
  5651. if (pAllEntries)
  5652. {
  5653. delete [] pAllEntries;
  5654. }
  5655. if (hRegistryKey)
  5656. {
  5657. RegCloseKey(hRegistryKey);
  5658. }
  5660. return dwReturn;
  5661. }
  5663. ///////////////////////////////////////////////////////////////////////////////////////////
  5664. //
  5665. // Function : PrintAddr
  5666. //
  5667. // Date of Creation: 9-3-2001
  5668. //
  5669. // Parameters : IN ADDR addr
  5670. // IN NshHashTable& addressHash
  5671. // IN BOOL bResolveDNS
  5672. //
  5673. // Return : VOID
  5674. //
  5675. // Description : This function displays ip address in xxx.xxx.xxx.xxx format.
  5676. //
  5677. // Date Author Comments
  5678. //
  5679. ////////////////////////////////////////////////////////////////////////////////////////////
  5681. VOID
  5682. PrintAddr(
  5683. IN ADDR addr,
  5684. IN NshHashTable& addressHash,
  5685. IN BOOL bResolveDNS
  5686. )
  5687. {
  5688. struct in_addr inAddr;
  5690. LPSTR pszAddr = NULL;
  5691. LPTSTR pszWPAddr = NULL;
  5693. pszWPAddr = new _TCHAR[STR_ADDRLEN];
  5695. if(pszWPAddr == NULL)
  5696. {
  5697. PrintErrorMessage(WIN32_ERR, ERROR_OUTOFMEMORY, NULL);
  5698. BAIL_OUT;
  5699. }
  5701. ZeroMemory(pszWPAddr, STR_ADDRLEN * sizeof(_TCHAR));
  5703. if(addr.AddrType == IP_ADDR_WINS_SERVER)
  5704. {
  5705. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_WINS);
  5706. }
  5707. else if(addr.AddrType == IP_ADDR_DHCP_SERVER)
  5708. {
  5709. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DHCP);
  5710. }
  5711. else if(addr.AddrType == IP_ADDR_DNS_SERVER)
  5712. {
  5713. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_DNS);
  5714. }
  5715. else if(addr.AddrType == IP_ADDR_DEFAULT_GATEWAY)
  5716. {
  5717. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_GATEWAY);
  5718. }
  5719. else if (addr.AddrType == IP_ADDR_UNIQUE && addr.uIpAddr == IP_ADDRESS_ME && addr.uSubNetMask == IP_ADDRESS_MASK_NONE)
  5720. {
  5721. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PMYADD);
  5722. }
  5723. else if (addr.AddrType == IP_ADDR_SUBNET && addr.uIpAddr == SUBNET_ADDRESS_ANY && addr.uSubNetMask == SUBNET_MASK_ANY)
  5724. {
  5725. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PANYADD);
  5726. }
  5727. else
  5728. {
  5729. inAddr.s_addr = addr.uIpAddr;
  5730. pszAddr = inet_ntoa(inAddr);
  5731. if(pszAddr == NULL)
  5732. {
  5733. _tcsncpy(pszWPAddr, _TEXT(" "), _tcslen(_TEXT(" "))+1);//if inet_ntoa fails 16 spaces
  5734. }
  5735. else
  5736. {
  5737. _sntprintf(pszWPAddr, STR_ADDRLEN-1, _TEXT("%-16S"), pszAddr);
  5738. }
  5740. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PADD, pszWPAddr);
  5741. }
  5743. if (bResolveDNS)
  5744. {
  5745. PrintAddrStr(&addr, addressHash);
  5746. }
  5748. if (pszWPAddr)
  5749. {
  5750. delete [] pszWPAddr;
  5751. }
  5752. error:
  5753. return;
  5754. }
  5756. ///////////////////////////////////////////////////////////////////////////////////////////
  5757. //
  5758. //Function : PrintMask
  5759. //
  5760. //Date of Creation : 9-3-2001
  5761. //
  5762. //Parameters : IN ADDR addr
  5763. //
  5764. //Return : VOID
  5765. //
  5766. //Description : This function displays ip address in xxx.xxx.xxx.xxx format.
  5767. //
  5768. // Date Author Comments
  5769. //
  5770. //////////////////////////////////////////////////////////////////////////////////////////
  5772. VOID
  5773. PrintMask(
  5774. IN ADDR addr
  5775. )
  5776. {
  5777. struct in_addr inAddr;
  5778. LPSTR pszAddr = NULL;
  5779. LPTSTR pszWPAddr = NULL;
  5781. pszWPAddr = new _TCHAR[STR_ADDRLEN];
  5783. if(pszWPAddr == NULL)
  5784. {
  5785. PrintErrorMessage(WIN32_ERR, ERROR_OUTOFMEMORY, NULL);
  5786. BAIL_OUT;
  5787. }
  5789. ZeroMemory(pszWPAddr, STR_ADDRLEN * sizeof(_TCHAR));
  5791. inAddr.s_addr = addr.uSubNetMask;
  5792. pszAddr = inet_ntoa(inAddr);
  5794. if(pszAddr == NULL)
  5795. {
  5796. _tcsncpy(pszWPAddr, _TEXT(" "), _tcslen(_TEXT(" "))+1);//if inet_ntoa fails 15 spaces
  5797. }
  5798. else
  5799. {
  5800. _sntprintf(pszWPAddr, STR_ADDRLEN-1, _TEXT("%-15S"), pszAddr);
  5801. }
  5803. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_PADD, pszWPAddr);
  5804. if (pszWPAddr)
  5805. {
  5806. delete [] pszWPAddr;
  5807. }
  5808. error:
  5809. return;
  5810. }
  5812. ///////////////////////////////////////////////////////////////////////////////////////////
  5813. //
  5814. // Function : LongLongToString
  5815. //
  5816. // Date of Creation: 9-3-2001
  5817. //
  5818. // Parameters :
  5819. // IN DWORD dwHigh,
  5820. // IN DWORD dwLow,
  5821. // IN int iPrintCommas
  5822. //
  5823. // Return : LPTSTR
  5824. //
  5825. // Description: This routine will make a pretty string to match an input long-long,
  5826. // and return it. If iPrintCommas is set, it will put in commas.
  5827. //
  5828. // Date Author Comments
  5829. //
  5830. //////////////////////////////////////////////////////////////////////////////////////////
  5832. LPSTR
  5833. LongLongToString(
  5834. IN DWORD dwHigh,
  5835. IN DWORD dwLow,
  5836. IN int iPrintCommas
  5837. )
  5838. {
  5839. char cFourGig[]="4294967296"; // "four gigabytes"
  5840. char cBuf[POTF_MAX_STRLEN]={0};
  5841. char cRes[POTF_MAX_STRLEN]={0}, cFullRes[POTF_MAX_STRLEN]={0}, *cRet = NULL;
  5842. DWORD dwPos= 0, dwPosRes =0, dwThreeCount =0;
  5844. // First, multiply the high dword by decimal 2^32 to
  5845. // get the right decimal value for it.
  5846. _snprintf(cBuf,POTF_MAX_STRLEN, "%u",dwHigh);
  5847. cBuf[POTF_MAX_STRLEN -1] = 0;
  5848. AscMultUint(cRes,cBuf,cFourGig);
  5850. // next, add in the low DWORD (fine as it is)
  5851. // to the previous product
  5852. _snprintf(cBuf,POTF_MAX_STRLEN, "%u",dwLow);
  5853. cBuf[POTF_MAX_STRLEN -1] = 0;
  5854. AscAddUint(cFullRes, cRes, cBuf);
  5856. // Finally, copy the buffer with commas.
  5858. dwPos = 0;
  5859. dwPosRes = 0;
  5860. dwThreeCount = strlen(cFullRes)%3;
  5861. while(cFullRes[dwPosRes] != '\0')
  5862. {
  5863. cBuf[dwPos++] = cFullRes[dwPosRes++];
  5865. dwThreeCount +=2; // Same as subtracting one for modulo math
  5867. if ((!(dwThreeCount%3))&&(cFullRes[dwPosRes] != '\0')&&(iPrintCommas))
  5868. {
  5869. cBuf[dwPos++]=',';
  5870. }
  5872. if(dwPos == 254)
  5873. break;
  5874. }
  5876. cBuf[dwPos] = '\0';
  5878. cRet = (LPSTR)malloc(255);
  5879. if(cRet) //Allocation failure is checked in parent function
  5880. {
  5881. memset(cRet, 0, 255);
  5882. strncpy(cRet, cBuf, 255);
  5883. cRet[254] = 0;
  5884. }
  5885. return(cRet);
  5886. }
  5888. ///////////////////////////////////////////////////////////////////////////////////////////
  5889. //
  5890. // Function : AscMultUint
  5891. //
  5892. // Date of Creation: 9-3-2001
  5893. //
  5894. // Parameters : IN LPSTR cProduct,
  5895. // IN LPSTR cA,
  5896. // IN LPSTR cB
  5897. //
  5898. // Return : DWORD (0 on success, else failure code.)
  5899. //
  5900. // Description : This routine will add two arbitrarily long ascii strings. It makes several
  5901. // assumptions about them.
  5902. // 1) the string is null terminated.
  5903. // 2) The LSB is the last char of the string. "1000000" is a million
  5904. // 3) There are no signs or decimal points.
  5905. // 4) The cProduct buffer is large enough to store the result
  5906. // 5) The product will require 254 bytes or less.
  5907. //
  5908. //Revision History :
  5909. //
  5910. // Date Author Comments
  5911. //
  5912. //////////////////////////////////////////////////////////////////////////////////////////
  5914. DWORD
  5915. AscMultUint(
  5916. IN LPSTR cProduct,
  5917. IN LPSTR cA,
  5918. IN LPSTR cB
  5919. )
  5920. {
  5921. int iALen =0, iBLen =0;
  5922. int i=0,j=0,k=0, iCarry=0;
  5923. char cTmp[POTF_MAX_STRLEN]={0};
  5925. // Verify parameters
  5927. if ((cA == NULL) || (cB == NULL) || (cProduct == NULL))
  5928. {
  5929. return((DWORD)-1);
  5930. }
  5932. iALen = strlen(cA);
  5933. iBLen = strlen(cB);
  5935. // We will multiply the traditional longhand way: for each digit in
  5936. // cA, we will multiply it against cB and add the incremental result
  5937. // into our temporary product.
  5939. // for each digit of the first multiplicand
  5941. for (i=0; i < iALen; i++)
  5942. {
  5943. iCarry = 0;
  5945. // for each digit of the second multiplicand
  5947. for(j=0; j < iBLen; j++)
  5948. {
  5949. // calculate this digit's value
  5951. k = ((int) cA[iALen-i-1]-'0') * ((int) cB[iBLen-j-1]-'0');
  5952. k += iCarry;
  5954. // Add it in to the appropriate place in the result
  5956. if (cTmp[i+j] != '\0')
  5957. {
  5958. k += (int) cTmp[i+j] - '0';
  5959. }
  5960. cTmp[i+j] = '0' + (char)(k % 10);
  5961. iCarry = k/10;
  5962. }
  5964. // Take care of the straggler carry. If the higher
  5965. // digits happen to be '9999' then this can require
  5966. // a loop.
  5968. while (iCarry)
  5969. {
  5970. if (cTmp[i+j] != '\0')
  5971. {
  5972. iCarry += cTmp[i+j] - '0';
  5973. }
  5974. cTmp[i+j] = '0' + (char)(iCarry%10);
  5975. iCarry /= 10;
  5976. j++;
  5977. }
  5978. }
  5980. // Now that we've got the entire number, reverse it and put it back in the dest.
  5982. // Skip leading 0's.
  5984. i = strlen(cTmp) - 1;
  5986. while ((i > 0)&&(cTmp[i] == '0'))
  5987. {
  5988. i--;
  5989. }
  5991. // Copy the product.
  5993. j = 0;
  5994. while (i >= 0)
  5995. {
  5996. cProduct[j++] = cTmp[i--];
  5997. }
  5999. cProduct[j] = '\0';
  6001. // We're done. Return 0 for success!
  6003. return(0);
  6004. }
  6007. ///////////////////////////////////////////////////////////////////////////////////////////
  6008. //
  6009. // Function : AscAddUint
  6010. //
  6011. // Date of Creation: 9-3-2001
  6012. //
  6013. // Parameters : IN LPSTR cSum,
  6014. // IN LPSTR cA,
  6015. // IN LPSTR cB
  6016. //
  6017. // Return : DWORD(0 on success, else failure code.)
  6018. //
  6019. // Description : This routine will add two arbitrarily long ascii strings. It makes several
  6020. // assumptions about them.
  6021. //
  6022. // 1) the string is null terminated.
  6023. // 2) The LSB is the last char of the string. "1000000" is a million
  6024. // 3) There are no signs or decimal points.
  6025. // 4) The cSum buffer is large enough to store the result
  6026. // 5) The sum will require 254 bytes or less.
  6027. //
  6028. // Revision History:
  6029. //
  6030. // Date Author Comments
  6031. //
  6032. //////////////////////////////////////////////////////////////////////////////////////////
  6034. DWORD
  6035. AscAddUint(
  6036. IN LPSTR cSum,
  6037. IN LPSTR cA,
  6038. IN LPSTR cB
  6039. )
  6040. {
  6041. int iALen=0, iBLen=0, iBiggerLen=0;
  6042. int i=0,j=0,k=0, iCarry=0;
  6043. char cTmp[POTF_MAX_STRLEN]={0}, *cBigger=NULL;
  6045. // Verify parameters
  6046. if ((cA == NULL) || (cB == NULL) || (cSum == NULL))
  6047. {
  6048. return((DWORD)-1);
  6049. }
  6051. iALen = strlen(cA);
  6052. iBLen = strlen(cB);
  6053. iCarry = 0;
  6055. // Loop through, adding the values. Our result string will be
  6056. // backwards, we'll straighten it out when we copy it to the
  6057. // cSum buffer.
  6058. for (i=0; (i < iALen) && (i < iBLen); i++)
  6059. {
  6060. // Figure out the actual decimal value of the add.
  6061. k = (int) (cA[iALen-i-1] + cB[iBLen-i-1] + iCarry);
  6062. k -= 2 * '0';
  6064. // Set the carry as appropriate
  6065. iCarry = k/10;
  6067. // Set the current digit's value.
  6068. cTmp[i] = '0' + (char)(k%10);
  6069. }
  6071. // At this point, all digits present in both strings have been added.
  6072. // In other words, "12345" + "678901", "12345" has been added to "78901"
  6073. // The next step is to account for the high-order digits of the larger number.
  6075. if (iALen > iBLen)
  6076. {
  6077. cBigger = cA;
  6078. iBiggerLen = iALen;
  6079. }
  6080. else
  6081. {
  6082. cBigger = cB;
  6083. iBiggerLen = iBLen;
  6084. }
  6086. while (i < iBiggerLen)
  6087. {
  6088. k = cBigger[iBiggerLen - i - 1] + iCarry - '0';
  6090. // Set the carry as appropriate
  6091. iCarry = k/10;
  6093. // Set the current digit's value.
  6094. cTmp[i] = '0' + (char)(k%10);
  6095. i++;
  6096. }
  6098. // Finally, we might still have a set carry to put in the next
  6099. // digit.
  6101. if (iCarry)
  6102. {
  6103. cTmp[i++] = '0' + (char)iCarry;
  6104. }
  6106. // Now that we've got the entire number, reverse it and put it back in the dest.
  6107. // Skip leading 0's.
  6108. i = strlen(cTmp) - 1;
  6110. while ((i > 0)&&(cTmp[i] == '0'))
  6111. {
  6112. i--;
  6113. }
  6115. // and copy the number.
  6116. j = 0;
  6117. while (i >= 0)
  6118. {
  6119. cSum[j++] = cTmp[i--];
  6120. }
  6122. cSum[j] = '\0';
  6124. // We're done. Return 0 for success!
  6125. return(0);
  6126. }
  6129. ///////////////////////////////////////////////////////////////////////////////////////////
  6130. //
  6131. // Function : PrintAddrStr
  6132. //
  6133. // Date of Creation: 9-3-2001
  6134. //
  6135. // Parameters : IN PADDR ResolveAddress
  6136. // IN NshHashTable& addressHash
  6137. //
  6138. // Return : VOID
  6139. //
  6140. // Description : Resolves IP address number to char string.
  6141. //
  6142. // Revision History:
  6143. //
  6144. // Date Author Comments
  6145. //
  6146. //////////////////////////////////////////////////////////////////////////////////////////
  6148. VOID
  6149. PrintAddrStr(
  6150. IN PADDR pResolveAddress,
  6151. IN NshHashTable& addressHash,
  6152. IN UINT uiFormat
  6153. )
  6154. {
  6155. switch(pResolveAddress->AddrType)
  6156. {
  6157. case IP_ADDR_WINS_SERVER:
  6158. case IP_ADDR_DHCP_SERVER:
  6159. case IP_ADDR_DNS_SERVER:
  6160. case IP_ADDR_DEFAULT_GATEWAY:
  6161. case IP_ADDR_SUBNET:
  6162. //no resolve required for them... They are self explanatory...
  6163. break;
  6164. default:
  6165. ULONG uIpAddr = pResolveAddress->uIpAddr;
  6166. const char* name = addressHash.Find(uIpAddr);
  6167. if (name == 0)
  6168. {
  6169. HOSTENT* pHostEnt = gethostbyaddr((char *)&uIpAddr, 4, pResolveAddress->AddrType);
  6170. if (pHostEnt)
  6171. {
  6172. name = pHostEnt->h_name;
  6173. }
  6174. else
  6175. {
  6176. name = " ";
  6177. }
  6178. addressHash.Insert(uIpAddr, name);
  6179. }
  6180. PrintMessageFromModule(g_hModule, uiFormat, name);
  6181. break;
  6182. }
  6183. }
  6186. UINT QMPFSDHGroup(DWORD dwPFSGroup)
  6187. {
  6188. UINT PFSGroup;
  6189. switch (dwPFSGroup)
  6190. {
  6191. case PFS_GROUP_MM:
  6192. PFSGroup = DYNAMIC_SHOW_QMP_MM_DH_GROUP;
  6193. break;
  6194. case PFS_GROUP_1:
  6195. PFSGroup = DYNAMIC_SHOW_QMP_DH_GROUP_LOW;
  6196. break;
  6197. case PFS_GROUP_2:
  6198. PFSGroup = DYNAMIC_SHOW_QMP_DH_GROUP_MEDIUM;
  6199. break;
  6200. case PFS_GROUP_2048:
  6201. PFSGroup = DYNAMIC_SHOW_QMP_DH_GROUP_HIGH;
  6202. break;
  6203. default:
  6204. PFSGroup = DYNAMIC_SHOW_QMP_PFS_NONE;
  6205. break;
  6206. }
  6207. return PFSGroup;
  6208. }
  6211. // NshHashTable implementation
  6214. NshHashTable::NshHashTable() throw ()
  6215. {
  6216. for(size_t i = 0; i < NSHHASHTABLESIZE; ++i)
  6217. {
  6218. NsuListInitialize(&table[i]);;
  6219. }
  6220. }
  6223. NshHashTable::~NshHashTable() throw ()
  6224. {
  6225. Clear();
  6226. }
  6229. DWORD NshHashTable::Insert(UINT uiNewKey, const char* szNewData) throw ()
  6230. {
  6231. size_t hash = Hash(uiNewKey);
  6232. if (Find(uiNewKey, hash) != 0)
  6233. {
  6234. return ERROR_DUPLICATE_TAG;
  6235. }
  6237. HashEntry* entry = new HashEntry(&table[hash], uiNewKey, szNewData);
  6238. if (entry == 0)
  6239. {
  6240. delete entry;
  6241. return ERROR_NOT_ENOUGH_MEMORY;
  6242. }
  6244. return ERROR_SUCCESS;
  6245. }
  6248. void NshHashTable::Clear() throw ()
  6249. {
  6250. for (size_t i = 0; i < NSHHASHTABLESIZE; ++i)
  6251. {
  6252. PNSU_LIST_ENTRY pListEntry = NsuListRemoveFront(&table[i]);
  6253. while (pListEntry)
  6254. {
  6255. NsuListEntryRemove(pListEntry);
  6256. const HashEntry* pEntry = HashEntry::Get(pListEntry);
  6257. delete(pEntry);
  6258. pListEntry = NsuListRemoveFront(&table[i]);
  6259. }
  6260. }
  6261. }
  6264. const char* NshHashTable::Find(UINT uiKey) const throw ()
  6265. {
  6266. return Find(uiKey, Hash(uiKey));
  6267. }
  6270. const char* NshHashTable::Find(UINT uiKey, size_t hash) const throw ()
  6271. {
  6272. const HashEntry* entry = FindEntry(uiKey, hash);
  6273. return (entry == 0) ? NULL : entry->Data();
  6274. }
  6277. size_t NshHashTable::Hash(UINT uiKey) const throw ()
  6278. {
  6279. return uiKey % NSHHASHTABLESIZE;
  6280. }
  6283. const NshHashTable::HashEntry* NshHashTable::FindEntry(
  6284. UINT uiKey,
  6285. size_t hash
  6286. ) const throw ()
  6287. {
  6288. NSU_LIST_ITERATOR iterator;
  6289. NsuListIteratorInitialize(&iterator, (PNSU_LIST)&table[hash], 0);
  6290. while (!NsuListIteratorAtEnd(&iterator))
  6291. {
  6292. PNSU_LIST_ENTRY pListEntry = NsuListIteratorCurrent(&iterator);
  6293. const HashEntry* pEntry = HashEntry::Get(pListEntry);
  6294. if (pEntry->Key() == uiKey)
  6295. {
  6296. return pEntry;
  6297. }
  6298. NsuListIteratorNext(&iterator);
  6299. }
  6300. return 0;
  6301. }
  6304. NshHashTable::HashEntry::HashEntry(
  6305. PNSU_LIST pList,
  6306. UINT uiNewKey,
  6307. const char* szNewData
  6308. ) throw ()
  6309. : listEntry(),
  6310. key(uiNewKey)
  6311. {
  6312. NsuListInsertFront(pList, &listEntry);
  6313. char* szTempData;
  6314. NsuStringDupA(&szTempData, 1024, szNewData);
  6315. data = szTempData;
  6316. }
  6319. NshHashTable::HashEntry::~HashEntry() throw ()
  6320. {
  6321. NsuFree(reinterpret_cast<void**>(const_cast<char**>(&data)));
  6322. }
  6325. const NshHashTable::HashEntry* NshHashTable::HashEntry::Get(PNSU_LIST_ENTRY pEntry) throw ()
  6326. {
  6327. return NsuListEntryGetData(pEntry, HashEntry, HashEntry::listEntry);
  6328. }
  6331. UINT NshHashTable::HashEntry::Key() const throw ()
  6332. {
  6333. return key;
  6334. }
  6337. const char* NshHashTable::HashEntry::Data() const throw ()
  6338. {
  6339. return data;
  6340. }