archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ipsec/spd/server/pamm-fil.c

618 lines
12 KiB
Raw Normal View History

Add source files
4 years ago
  3. #include "precomp.h"
  6. DWORD
  7. PAAddMMFilters(
  8. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  9. PIPSEC_NFA_DATA * ppIpsecNFAData,
  10. DWORD dwNumNFACount
  11. )
  12. {
  13. DWORD dwError = 0;
  14. DWORD i = 0;
  17. for (i = 0; i < dwNumNFACount; i++) {
  19. dwError = PAAddMMFilterSpecs(
  20. pIpsecISAKMPData,
  21. *(ppIpsecNFAData + i)
  22. );
  24. }
  26. return (dwError);
  27. }
  30. DWORD
  31. PAAddMMFilterSpecs(
  32. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  33. PIPSEC_NFA_DATA pIpsecNFAData
  34. )
  35. {
  36. DWORD dwError = 0;
  37. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  38. PIPSEC_FILTER_DATA pIpsecFilterData = NULL;
  39. PMMPOLICYSTATE pMMPolicyState = NULL;
  40. PMMAUTHSTATE pMMAuthState = NULL;
  41. DWORD dwNumFilterSpecs = 0;
  42. PIPSEC_FILTER_SPEC * ppFilterSpecs = NULL;
  43. DWORD i = 0;
  44. PMMFILTERSTATE pMMFilterState = NULL;
  45. PMM_FILTER pSPDMMFilter = NULL;
  46. LPWSTR pServerName = NULL;
  47. DWORD dwPersist = 0;
  50. pIpsecNegPolData = pIpsecNFAData->pIpsecNegPolData;
  52. if (!memcmp(
  53. &(pIpsecNegPolData->NegPolType),
  54. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  55. sizeof(GUID))) {
  56. dwError = ERROR_SUCCESS;
  57. return (dwError);
  58. }
  60. if (IsClearOnly(pIpsecNegPolData->NegPolAction) ||
  61. IsBlocking(pIpsecNegPolData->NegPolAction)) {
  62. dwError = ERROR_SUCCESS;
  63. return (dwError);
  64. }
  66. pIpsecFilterData = pIpsecNFAData->pIpsecFilterData;
  68. if (!pIpsecFilterData) {
  69. dwError = ERROR_SUCCESS;
  70. return (dwError);
  71. }
  73. pMMPolicyState = FindMMPolicyState(
  74. pIpsecISAKMPData->ISAKMPIdentifier
  75. );
  76. if (!pMMPolicyState || !(pMMPolicyState->bInSPD)) {
  77. dwError = ERROR_INVALID_PARAMETER;
  78. return (dwError);
  79. }
  81. pMMAuthState = FindMMAuthState(
  82. pIpsecNFAData->NFAIdentifier
  83. );
  84. if (!pMMAuthState || !(pMMAuthState->bInSPD)) {
  85. dwError = ERROR_INVALID_PARAMETER;
  86. return (dwError);
  87. }
  89. dwNumFilterSpecs = pIpsecFilterData->dwNumFilterSpecs;
  90. ppFilterSpecs = pIpsecFilterData->ppFilterSpecs;
  93. for (i = 0; i < dwNumFilterSpecs; i++) {
  95. dwError = PACreateMMFilterState(
  96. pIpsecISAKMPData,
  97. pIpsecNFAData,
  98. *(ppFilterSpecs + i),
  99. &pMMFilterState
  100. );
  101. if (dwError) {
  102. continue;
  103. }
  105. dwError = PACreateMMFilter(
  106. pIpsecISAKMPData,
  107. pIpsecNFAData,
  108. *(ppFilterSpecs + i),
  109. &pSPDMMFilter
  110. );
  111. if (dwError) {
  113. pMMFilterState->hMMFilter = NULL;
  115. pMMFilterState->pNext = gpMMFilterState;
  116. gpMMFilterState = pMMFilterState;
  118. continue;
  120. }
  122. dwError = AddMMFilter(
  123. pServerName,
  124. dwPersist,
  125. pSPDMMFilter,
  126. &(pMMFilterState->hMMFilter)
  127. );
  129. pMMFilterState->pNext = gpMMFilterState;
  130. gpMMFilterState = pMMFilterState;
  132. PAFreeMMFilter(pSPDMMFilter);
  134. }
  136. return (dwError);
  137. }
  140. DWORD
  141. PACreateMMFilterState(
  142. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  143. PIPSEC_NFA_DATA pIpsecNFAData,
  144. PIPSEC_FILTER_SPEC pFilterSpec,
  145. PMMFILTERSTATE * ppMMFilterState
  146. )
  147. {
  148. DWORD dwError = 0;
  149. PMMFILTERSTATE pMMFilterState = NULL;
  152. dwError = AllocateSPDMemory(
  153. sizeof(MMFILTERSTATE),
  154. &pMMFilterState
  155. );
  156. BAIL_ON_WIN32_ERROR(dwError);
  158. memcpy(
  159. &(pMMFilterState->gFilterID),
  160. &(pFilterSpec->FilterSpecGUID),
  161. sizeof(GUID)
  162. );
  164. memcpy(
  165. &(pMMFilterState->gPolicyID),
  166. &(pIpsecISAKMPData->ISAKMPIdentifier),
  167. sizeof(GUID)
  168. );
  170. memcpy(
  171. &(pMMFilterState->gMMAuthID),
  172. &(pIpsecNFAData->NFAIdentifier),
  173. sizeof(GUID)
  174. );
  176. pMMFilterState->hMMFilter = NULL;
  177. pMMFilterState->pNext = NULL;
  179. *ppMMFilterState = pMMFilterState;
  181. return (dwError);
  183. error:
  185. *ppMMFilterState = NULL;
  187. return (dwError);
  188. }
  191. DWORD
  192. PACreateMMFilter(
  193. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  194. PIPSEC_NFA_DATA pIpsecNFAData,
  195. PIPSEC_FILTER_SPEC pFilterSpec,
  196. PMM_FILTER * ppSPDMMFilter
  197. )
  198. {
  199. DWORD dwError = 0;
  200. PMM_FILTER pSPDMMFilter = NULL;
  201. WCHAR pszName[512];
  204. dwError = AllocateSPDMemory(
  205. sizeof(MM_FILTER),
  206. &pSPDMMFilter
  207. );
  208. BAIL_ON_WIN32_ERROR(dwError);
  210. memcpy(
  211. &(pSPDMMFilter->gFilterID),
  212. &(pFilterSpec->FilterSpecGUID),
  213. sizeof(GUID)
  214. );
  216. if (pFilterSpec->pszDescription && *(pFilterSpec->pszDescription)) {
  218. dwError = AllocateSPDString(
  219. pFilterSpec->pszDescription,
  220. &(pSPDMMFilter->pszFilterName)
  221. );
  222. BAIL_ON_WIN32_ERROR(dwError);
  224. }
  225. else {
  227. wsprintf(pszName, L"%d", ++gdwMMFilterCounter);
  229. dwError = AllocateSPDString(
  230. pszName,
  231. &(pSPDMMFilter->pszFilterName)
  232. );
  233. BAIL_ON_WIN32_ERROR(dwError);
  235. }
  237. PASetInterfaceType(
  238. pIpsecNFAData->dwInterfaceType,
  239. &(pSPDMMFilter->InterfaceType)
  240. );
  242. pSPDMMFilter->bCreateMirror = (BOOL) pFilterSpec->dwMirrorFlag;
  244. pSPDMMFilter->dwFlags = 0;
  246. if (!(pIpsecNFAData->dwTunnelFlags)) {
  248. PASetAddress(
  249. pFilterSpec->Filter.SrcMask,
  250. pFilterSpec->Filter.SrcAddr,
  251. &(pSPDMMFilter->SrcAddr)
  252. );
  254. PASetAddress(
  255. pFilterSpec->Filter.DestMask,
  256. pFilterSpec->Filter.DestAddr,
  257. &(pSPDMMFilter->DesAddr)
  258. );
  260. }
  261. else {
  263. PASetAddress(
  264. IP_ADDRESS_MASK_NONE,
  265. IP_ADDRESS_ME,
  266. &(pSPDMMFilter->SrcAddr)
  267. );
  268. pSPDMMFilter->bCreateMirror = TRUE;
  270. PASetTunnelAddress(
  271. ((ULONG) pIpsecNFAData->dwTunnelIpAddr),
  272. &(pSPDMMFilter->DesAddr)
  273. );
  275. }
  277. pSPDMMFilter->dwDirection = 0;
  279. pSPDMMFilter->dwWeight = 0;
  281. memcpy(
  282. &(pSPDMMFilter->gPolicyID),
  283. &(pIpsecISAKMPData->ISAKMPIdentifier),
  284. sizeof(GUID)
  285. );
  287. memcpy(
  288. &(pSPDMMFilter->gMMAuthID),
  289. &(pIpsecNFAData->NFAIdentifier),
  290. sizeof(GUID)
  291. );
  293. *ppSPDMMFilter = pSPDMMFilter;
  295. return (dwError);
  297. error:
  299. if (pSPDMMFilter) {
  300. PAFreeMMFilter(
  301. pSPDMMFilter
  302. );
  303. }
  305. *ppSPDMMFilter = NULL;
  307. return (dwError);
  308. }
  311. VOID
  312. PASetInterfaceType(
  313. DWORD dwInterfaceType,
  314. PIF_TYPE pInterfaceType
  315. )
  316. {
  317. if (dwInterfaceType == PASTORE_IF_TYPE_DIALUP) {
  318. *pInterfaceType = INTERFACE_TYPE_DIALUP;
  319. }
  320. else if (dwInterfaceType == PASTORE_IF_TYPE_LAN) {
  321. *pInterfaceType = INTERFACE_TYPE_LAN;
  322. }
  323. else {
  324. *pInterfaceType = INTERFACE_TYPE_ALL;
  325. }
  326. }
  329. VOID
  330. PASetAddress(
  331. ULONG uMask,
  332. ULONG uAddr,
  333. PADDR pAddr
  334. )
  335. {
  336. if (uMask == IP_ADDRESS_MASK_NONE) {
  337. pAddr->AddrType = IP_ADDR_UNIQUE;
  338. pAddr->uIpAddr = uAddr;
  339. pAddr->uSubNetMask = uMask;
  340. }
  341. else {
  342. pAddr->AddrType = IP_ADDR_SUBNET;
  343. pAddr->uIpAddr = uAddr;
  344. pAddr->uSubNetMask = uMask;
  345. }
  346. }
  349. VOID
  350. PASetTunnelAddress(
  351. ULONG uAddr,
  352. PADDR pAddr
  353. )
  354. {
  355. if (uAddr == SUBNET_ADDRESS_ANY) {
  356. pAddr->AddrType = IP_ADDR_SUBNET;
  357. pAddr->uIpAddr = uAddr;
  358. pAddr->uSubNetMask = SUBNET_MASK_ANY;
  359. }
  360. else {
  361. pAddr->AddrType = IP_ADDR_UNIQUE;
  362. pAddr->uIpAddr = uAddr;
  363. pAddr->uSubNetMask = IP_ADDRESS_MASK_NONE;
  364. }
  365. }
  368. VOID
  369. PAFreeMMFilter(
  370. PMM_FILTER pSPDMMFilter
  371. )
  372. {
  373. if (pSPDMMFilter) {
  375. if (pSPDMMFilter->pszFilterName) {
  376. FreeSPDString(pSPDMMFilter->pszFilterName);
  377. }
  379. FreeSPDMemory(pSPDMMFilter);
  381. }
  383. return;
  384. }
  387. DWORD
  388. PADeleteAllMMFilters(
  389. )
  390. {
  391. DWORD dwError = 0;
  392. PMMFILTERSTATE pMMFilterState = NULL;
  393. PMMFILTERSTATE pTemp = NULL;
  394. PMMFILTERSTATE pLeftMMFilterState = NULL;
  397. pMMFilterState = gpMMFilterState;
  399. while (pMMFilterState) {
  401. if (pMMFilterState->hMMFilter) {
  403. dwError = DeleteMMFilter(
  404. pMMFilterState->hMMFilter
  405. );
  406. if (!dwError) {
  407. pTemp = pMMFilterState;
  408. pMMFilterState = pMMFilterState->pNext;
  409. FreeSPDMemory(pTemp);
  410. }
  411. else {
  412. pTemp = pMMFilterState;
  413. pMMFilterState = pMMFilterState->pNext;
  415. pTemp->pNext = pLeftMMFilterState;
  416. pLeftMMFilterState = pTemp;
  417. }
  419. }
  420. else {
  422. pTemp = pMMFilterState;
  423. pMMFilterState = pMMFilterState->pNext;
  424. FreeSPDMemory(pTemp);
  426. }
  428. }
  430. gpMMFilterState = pLeftMMFilterState;
  432. return (dwError);
  433. }
  436. VOID
  437. PAFreeMMFilterStateList(
  438. PMMFILTERSTATE pMMFilterState
  439. )
  440. {
  441. PMMFILTERSTATE pTemp = NULL;
  444. while (pMMFilterState) {
  446. pTemp = pMMFilterState;
  447. pMMFilterState = pMMFilterState->pNext;
  448. FreeSPDMemory(pTemp);
  450. }
  451. }
  454. DWORD
  455. PADeleteMMFilters(
  456. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  457. PIPSEC_NFA_DATA * ppIpsecNFAData,
  458. DWORD dwNumNFACount
  459. )
  460. {
  461. DWORD dwError = 0;
  462. DWORD i = 0;
  465. for (i = 0; i < dwNumNFACount; i++) {
  467. dwError = PADeleteMMFilterSpecs(
  468. pIpsecISAKMPData,
  469. *(ppIpsecNFAData + i)
  470. );
  472. }
  474. return (dwError);
  475. }
  478. DWORD
  479. PADeleteMMFilterSpecs(
  480. PIPSEC_ISAKMP_DATA pIpsecISAKMPData,
  481. PIPSEC_NFA_DATA pIpsecNFAData
  482. )
  483. {
  484. DWORD dwError = 0;
  485. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  486. PIPSEC_FILTER_DATA pIpsecFilterData = NULL;
  487. DWORD dwNumFilterSpecs = 0;
  488. PIPSEC_FILTER_SPEC * ppFilterSpecs = NULL;
  489. DWORD i = 0;
  490. PIPSEC_FILTER_SPEC pFilterSpec = NULL;
  493. pIpsecNegPolData = pIpsecNFAData->pIpsecNegPolData;
  495. if (!memcmp(
  496. &(pIpsecNegPolData->NegPolType),
  497. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  498. sizeof(GUID))) {
  499. dwError = ERROR_SUCCESS;
  500. return (dwError);
  501. }
  503. if (IsClearOnly(pIpsecNegPolData->NegPolAction) ||
  504. IsBlocking(pIpsecNegPolData->NegPolAction)) {
  505. dwError = ERROR_SUCCESS;
  506. return (dwError);
  507. }
  509. pIpsecFilterData = pIpsecNFAData->pIpsecFilterData;
  511. if (!pIpsecFilterData) {
  512. dwError = ERROR_SUCCESS;
  513. return (dwError);
  514. }
  516. dwNumFilterSpecs = pIpsecFilterData->dwNumFilterSpecs;
  517. ppFilterSpecs = pIpsecFilterData->ppFilterSpecs;
  519. for (i = 0; i < dwNumFilterSpecs; i++) {
  521. pFilterSpec = *(ppFilterSpecs + i);
  523. dwError = PADeleteMMFilter(
  524. pFilterSpec->FilterSpecGUID
  525. );
  527. }
  529. return (dwError);
  530. }
  533. DWORD
  534. PADeleteMMFilter(
  535. GUID gFilterID
  536. )
  537. {
  538. DWORD dwError = 0;
  539. PMMFILTERSTATE pMMFilterState = NULL;
  542. pMMFilterState = FindMMFilterState(
  543. gFilterID
  544. );
  545. if (!pMMFilterState) {
  546. dwError = ERROR_SUCCESS;
  547. return (dwError);
  548. }
  550. if (pMMFilterState->hMMFilter) {
  552. dwError = DeleteMMFilter(
  553. pMMFilterState->hMMFilter
  554. );
  555. BAIL_ON_WIN32_ERROR(dwError);
  557. }
  559. PADeleteMMFilterState(pMMFilterState);
  561. error:
  563. return (dwError);
  564. }
  567. VOID
  568. PADeleteMMFilterState(
  569. PMMFILTERSTATE pMMFilterState
  570. )
  571. {
  572. PMMFILTERSTATE * ppTemp = NULL;
  575. ppTemp = &gpMMFilterState;
  577. while (*ppTemp) {
  579. if (*ppTemp == pMMFilterState) {
  580. break;
  581. }
  582. ppTemp = &((*ppTemp)->pNext);
  584. }
  586. if (*ppTemp) {
  587. *ppTemp = pMMFilterState->pNext;
  588. }
  590. FreeSPDMemory(pMMFilterState);
  592. return;
  593. }
  596. PMMFILTERSTATE
  597. FindMMFilterState(
  598. GUID gFilterID
  599. )
  600. {
  601. PMMFILTERSTATE pMMFilterState = NULL;
  604. pMMFilterState = gpMMFilterState;
  606. while (pMMFilterState) {
  608. if (!memcmp(&(pMMFilterState->gFilterID), &gFilterID, sizeof(GUID))) {
  609. return (pMMFilterState);
  610. }
  612. pMMFilterState = pMMFilterState->pNext;
  614. }
  616. return (NULL);
  617. }