archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ipsec/spd/server/patn-fil.c

494 lines
10 KiB
Raw Normal View History

Add source files
4 years ago
  3. #include "precomp.h"
  6. DWORD
  7. PAAddTnFilterSpecs(
  8. PIPSEC_NFA_DATA pIpsecNFAData
  9. )
  10. {
  11. DWORD dwError = 0;
  12. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  13. PIPSEC_FILTER_DATA pIpsecFilterData = NULL;
  14. PQMPOLICYSTATE pQMPolicyState = NULL;
  15. DWORD dwNumFilterSpecs = 0;
  16. PIPSEC_FILTER_SPEC * ppFilterSpecs = NULL;
  17. DWORD i = 0;
  18. PTNFILTERSTATE pTnFilterState = NULL;
  19. PTUNNEL_FILTER pSPDTnFilter = NULL;
  20. LPWSTR pServerName = NULL;
  21. DWORD dwPersist = 0;
  24. pIpsecNegPolData = pIpsecNFAData->pIpsecNegPolData;
  26. if (!memcmp(
  27. &(pIpsecNegPolData->NegPolType),
  28. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  29. sizeof(GUID))) {
  30. dwError = ERROR_SUCCESS;
  31. return (dwError);
  32. }
  34. pIpsecFilterData = pIpsecNFAData->pIpsecFilterData;
  36. if (!pIpsecFilterData) {
  37. dwError = ERROR_SUCCESS;
  38. return (dwError);
  39. }
  41. pQMPolicyState = FindQMPolicyState(
  42. pIpsecNegPolData->NegPolIdentifier
  43. );
  44. if (!pQMPolicyState) {
  45. dwError = ERROR_INVALID_PARAMETER;
  46. return (dwError);
  47. }
  49. if (!IsClearOnly(pQMPolicyState->gNegPolAction) &&
  50. !IsBlocking(pQMPolicyState->gNegPolAction) &&
  51. !(pQMPolicyState->bInSPD)) {
  52. dwError = ERROR_INVALID_PARAMETER;
  53. return (dwError);
  54. }
  56. dwNumFilterSpecs = pIpsecFilterData->dwNumFilterSpecs;
  57. ppFilterSpecs = pIpsecFilterData->ppFilterSpecs;
  60. for (i = 0; i < dwNumFilterSpecs; i++) {
  62. dwError = PACreateTnFilterState(
  63. pIpsecNegPolData,
  64. pIpsecNFAData,
  65. *(ppFilterSpecs + i),
  66. &pTnFilterState
  67. );
  68. if (dwError) {
  69. continue;
  70. }
  72. dwError = PACreateTnFilter(
  73. pIpsecNegPolData,
  74. pIpsecNFAData,
  75. *(ppFilterSpecs + i),
  76. pQMPolicyState,
  77. &pSPDTnFilter
  78. );
  79. if (dwError) {
  81. pTnFilterState->hTnFilter = NULL;
  83. pTnFilterState->pNext = gpTnFilterState;
  84. gpTnFilterState = pTnFilterState;
  86. continue;
  88. }
  90. dwError = AddTunnelFilter(
  91. pServerName,
  92. dwPersist,
  93. pSPDTnFilter,
  94. &(pTnFilterState->hTnFilter)
  95. );
  97. pTnFilterState->pNext = gpTnFilterState;
  98. gpTnFilterState = pTnFilterState;
  100. PAFreeTnFilter(pSPDTnFilter);
  102. }
  104. return (dwError);
  105. }
  108. DWORD
  109. PACreateTnFilterState(
  110. PIPSEC_NEGPOL_DATA pIpsecNegPolData,
  111. PIPSEC_NFA_DATA pIpsecNFAData,
  112. PIPSEC_FILTER_SPEC pFilterSpec,
  113. PTNFILTERSTATE * ppTnFilterState
  114. )
  115. {
  116. DWORD dwError = 0;
  117. PTNFILTERSTATE pTnFilterState = NULL;
  120. dwError = AllocateSPDMemory(
  121. sizeof(TNFILTERSTATE),
  122. &pTnFilterState
  123. );
  124. BAIL_ON_WIN32_ERROR(dwError);
  126. memcpy(
  127. &(pTnFilterState->gFilterID),
  128. &(pFilterSpec->FilterSpecGUID),
  129. sizeof(GUID)
  130. );
  132. memcpy(
  133. &(pTnFilterState->gPolicyID),
  134. &(pIpsecNegPolData->NegPolIdentifier),
  135. sizeof(GUID)
  136. );
  138. pTnFilterState->hTnFilter = NULL;
  139. pTnFilterState->pNext = NULL;
  141. *ppTnFilterState = pTnFilterState;
  143. return (dwError);
  145. error:
  147. *ppTnFilterState = NULL;
  149. return (dwError);
  150. }
  153. DWORD
  154. PACreateTnFilter(
  155. PIPSEC_NEGPOL_DATA pIpsecNegPolData,
  156. PIPSEC_NFA_DATA pIpsecNFAData,
  157. PIPSEC_FILTER_SPEC pFilterSpec,
  158. PQMPOLICYSTATE pQMPolicyState,
  159. PTUNNEL_FILTER * ppSPDTnFilter
  160. )
  161. {
  162. DWORD dwError = 0;
  163. PTUNNEL_FILTER pSPDTnFilter = NULL;
  164. WCHAR pszName[512];
  167. dwError = AllocateSPDMemory(
  168. sizeof(TUNNEL_FILTER),
  169. &pSPDTnFilter
  170. );
  171. BAIL_ON_WIN32_ERROR(dwError);
  173. memcpy(
  174. &(pSPDTnFilter->gFilterID),
  175. &(pFilterSpec->FilterSpecGUID),
  176. sizeof(GUID)
  177. );
  179. if (pFilterSpec->pszDescription && *(pFilterSpec->pszDescription)) {
  181. dwError = AllocateSPDString(
  182. pFilterSpec->pszDescription,
  183. &(pSPDTnFilter->pszFilterName)
  184. );
  185. BAIL_ON_WIN32_ERROR(dwError);
  187. }
  188. else {
  190. wsprintf(pszName, L"%d", ++gdwTnFilterCounter);
  192. dwError = AllocateSPDString(
  193. pszName,
  194. &(pSPDTnFilter->pszFilterName)
  195. );
  196. BAIL_ON_WIN32_ERROR(dwError);
  198. }
  200. PASetInterfaceType(
  201. pIpsecNFAData->dwInterfaceType,
  202. &(pSPDTnFilter->InterfaceType)
  203. );
  205. pSPDTnFilter->bCreateMirror = FALSE;
  207. pSPDTnFilter->dwFlags = 0;
  209. PASetAddress(
  210. pFilterSpec->Filter.SrcMask,
  211. pFilterSpec->Filter.SrcAddr,
  212. &(pSPDTnFilter->SrcAddr)
  213. );
  215. PASetAddress(
  216. pFilterSpec->Filter.DestMask,
  217. pFilterSpec->Filter.DestAddr,
  218. &(pSPDTnFilter->DesAddr)
  219. );
  221. PASetAddress(
  222. SUBNET_MASK_ANY,
  223. SUBNET_ADDRESS_ANY,
  224. &(pSPDTnFilter->SrcTunnelAddr)
  225. );
  227. PASetTunnelAddress(
  228. ((ULONG) pIpsecNFAData->dwTunnelIpAddr),
  229. &(pSPDTnFilter->DesTunnelAddr)
  230. );
  232. pSPDTnFilter->Protocol.ProtocolType = PROTOCOL_UNIQUE;
  233. pSPDTnFilter->Protocol.dwProtocol = pFilterSpec->Filter.Protocol;
  235. pSPDTnFilter->SrcPort.PortType = PORT_UNIQUE;
  236. pSPDTnFilter->SrcPort.wPort = pFilterSpec->Filter.SrcPort;
  238. pSPDTnFilter->DesPort.PortType = PORT_UNIQUE;
  239. pSPDTnFilter->DesPort.wPort = pFilterSpec->Filter.DestPort;
  241. SetFilterActions(
  242. pQMPolicyState,
  243. &(pSPDTnFilter->InboundFilterFlag),
  244. &(pSPDTnFilter->OutboundFilterFlag)
  245. );
  247. pSPDTnFilter->dwDirection = 0;
  249. pSPDTnFilter->dwWeight = 0;
  251. memcpy(
  252. &(pSPDTnFilter->gPolicyID),
  253. &(pIpsecNegPolData->NegPolIdentifier),
  254. sizeof(GUID)
  255. );
  257. *ppSPDTnFilter = pSPDTnFilter;
  259. return (dwError);
  261. error:
  263. if (pSPDTnFilter) {
  264. PAFreeTnFilter(
  265. pSPDTnFilter
  266. );
  267. }
  269. *ppSPDTnFilter = NULL;
  271. return (dwError);
  272. }
  275. VOID
  276. PAFreeTnFilter(
  277. PTUNNEL_FILTER pSPDTnFilter
  278. )
  279. {
  280. if (pSPDTnFilter) {
  282. if (pSPDTnFilter->pszFilterName) {
  283. FreeSPDString(pSPDTnFilter->pszFilterName);
  284. }
  286. FreeSPDMemory(pSPDTnFilter);
  288. }
  290. return;
  291. }
  294. DWORD
  295. PADeleteAllTnFilters(
  296. )
  297. {
  298. DWORD dwError = 0;
  299. PTNFILTERSTATE pTnFilterState = NULL;
  300. PTNFILTERSTATE pTemp = NULL;
  301. PTNFILTERSTATE pLeftTnFilterState = NULL;
  304. pTnFilterState = gpTnFilterState;
  306. while (pTnFilterState) {
  308. if (pTnFilterState->hTnFilter) {
  310. dwError = DeleteTunnelFilter(
  311. pTnFilterState->hTnFilter
  312. );
  313. if (!dwError) {
  314. pTemp = pTnFilterState;
  315. pTnFilterState = pTnFilterState->pNext;
  316. FreeSPDMemory(pTemp);
  317. }
  318. else {
  319. pTemp = pTnFilterState;
  320. pTnFilterState = pTnFilterState->pNext;
  322. pTemp->pNext = pLeftTnFilterState;
  323. pLeftTnFilterState = pTemp;
  324. }
  326. }
  327. else {
  329. pTemp = pTnFilterState;
  330. pTnFilterState = pTnFilterState->pNext;
  331. FreeSPDMemory(pTemp);
  333. }
  335. }
  337. gpTnFilterState = pLeftTnFilterState;
  339. return (dwError);
  340. }
  343. VOID
  344. PAFreeTnFilterStateList(
  345. PTNFILTERSTATE pTnFilterState
  346. )
  347. {
  348. PTNFILTERSTATE pTemp = NULL;
  351. while (pTnFilterState) {
  353. pTemp = pTnFilterState;
  354. pTnFilterState = pTnFilterState->pNext;
  355. FreeSPDMemory(pTemp);
  357. }
  358. }
  361. DWORD
  362. PADeleteTnFilterSpecs(
  363. PIPSEC_NFA_DATA pIpsecNFAData
  364. )
  365. {
  366. DWORD dwError = 0;
  367. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  368. PIPSEC_FILTER_DATA pIpsecFilterData = NULL;
  369. DWORD dwNumFilterSpecs = 0;
  370. PIPSEC_FILTER_SPEC * ppFilterSpecs = NULL;
  371. DWORD i = 0;
  372. PIPSEC_FILTER_SPEC pFilterSpec = NULL;
  375. pIpsecNegPolData = pIpsecNFAData->pIpsecNegPolData;
  377. if (!memcmp(
  378. &(pIpsecNegPolData->NegPolType),
  379. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  380. sizeof(GUID))) {
  381. dwError = ERROR_SUCCESS;
  382. return (dwError);
  383. }
  385. pIpsecFilterData = pIpsecNFAData->pIpsecFilterData;
  387. if (!pIpsecFilterData) {
  388. dwError = ERROR_SUCCESS;
  389. return (dwError);
  390. }
  392. dwNumFilterSpecs = pIpsecFilterData->dwNumFilterSpecs;
  393. ppFilterSpecs = pIpsecFilterData->ppFilterSpecs;
  395. for (i = 0; i < dwNumFilterSpecs; i++) {
  397. pFilterSpec = *(ppFilterSpecs + i);
  399. dwError = PADeleteTnFilter(
  400. pFilterSpec->FilterSpecGUID
  401. );
  403. }
  405. return (dwError);
  406. }
  409. DWORD
  410. PADeleteTnFilter(
  411. GUID gFilterID
  412. )
  413. {
  414. DWORD dwError = 0;
  415. PTNFILTERSTATE pTnFilterState = NULL;
  418. pTnFilterState = FindTnFilterState(
  419. gFilterID
  420. );
  421. if (!pTnFilterState) {
  422. dwError = ERROR_SUCCESS;
  423. return (dwError);
  424. }
  426. if (pTnFilterState->hTnFilter) {
  428. dwError = DeleteTunnelFilter(
  429. pTnFilterState->hTnFilter
  430. );
  431. BAIL_ON_WIN32_ERROR(dwError);
  433. }
  435. PADeleteTnFilterState(pTnFilterState);
  437. error:
  439. return (dwError);
  440. }
  443. VOID
  444. PADeleteTnFilterState(
  445. PTNFILTERSTATE pTnFilterState
  446. )
  447. {
  448. PTNFILTERSTATE * ppTemp = NULL;
  451. ppTemp = &gpTnFilterState;
  453. while (*ppTemp) {
  455. if (*ppTemp == pTnFilterState) {
  456. break;
  457. }
  458. ppTemp = &((*ppTemp)->pNext);
  460. }
  462. if (*ppTemp) {
  463. *ppTemp = pTnFilterState->pNext;
  464. }
  466. FreeSPDMemory(pTnFilterState);
  468. return;
  469. }
  472. PTNFILTERSTATE
  473. FindTnFilterState(
  474. GUID gFilterID
  475. )
  476. {
  477. PTNFILTERSTATE pTnFilterState = NULL;
  480. pTnFilterState = gpTnFilterState;
  482. while (pTnFilterState) {
  484. if (!memcmp(&(pTnFilterState->gFilterID), &gFilterID, sizeof(GUID))) {
  485. return (pTnFilterState);
  486. }
  488. pTnFilterState = pTnFilterState->pNext;
  490. }
  492. return (NULL);
  493. }