Source code of Windows XP (NT5)

/**********************************************************************/
/** Microsoft Windows/NT **/
/** Copyright(c) Microsoft Corporation, 1997 - 1999 **/
/**********************************************************************/
/*
spdutil.cpp
FILE HISTORY:
*/
#include "stdafx.h"
#include "winipsec.h"
#include "spdutil.h"
#include "objplus.h"
#include "ipaddres.h"
#include "spddb.h"
#include "server.h"
// Hash table defined in another translation unit. AddressToString() below
// queries it by IP address to obtain a host name for display.
extern CHashTable g_HashTable;
// Protocol numbers for TCP and UDP; the same values appear in the TCP and UDP
// rows of c_ProtocolStringMap.
const DWORD IPSM_PROTOCOL_TCP = 6;
const DWORD IPSM_PROTOCOL_UDP = 17;
// Dotted-quad text of an all-ones mask, i.e. the mask of a single address.
const TCHAR c_szSingleAddressMask[] = _T("255.255.255.255");
// Maps a protocol number to the string-resource ID of its display name.
// ProtocolToString() searches this table and falls back to a numeric format
// for any protocol number that is not listed here.
const ProtocolStringMap c_ProtocolStringMap[] =
{
{0, IDS_PROTOCOL_ANY},
{1, IDS_PROTOCOL_ICMP},
{3, IDS_PROTOCOL_GGP},
{6, IDS_PROTOCOL_TCP},
{8, IDS_PROTOCOL_EGP},
{12, IDS_PROTOCOL_PUP},
{17, IDS_PROTOCOL_UDP},
{20, IDS_PROTOCOL_HMP},
{22, IDS_PROTOCOL_XNS_IDP},
{27, IDS_PROTOCOL_RDP},
{66, IDS_PROTOCOL_RVD}
};
// Number of rows in c_ProtocolStringMap, taken with the project's DimensionOf macro.
const int c_nProtocols = DimensionOf(c_ProtocolStringMap);
// Returns dw with its four bytes in reverse order: byte 0 swaps with byte 3
// and byte 1 swaps with byte 2. The callers in this file apply it to an IP
// address before handing the value to CIpAddress.
ULONG RevertDwordBytes(DWORD dw)
{
    // Each term isolates one source byte and moves it to its mirrored slot.
    const ULONG ulFromByte3 = dw >> 24;
    const ULONG ulFromByte2 = (dw & 0xFF0000) >> 8;
    const ULONG ulFromByte1 = (dw & 0x00FF00) << 8;
    const ULONG ulFromByte0 = (dw & 0x0000FF) << 24;

    return ulFromByte3 + ulFromByte2 + ulFromByte1 + ulFromByte0;
}
// Writes the display text for a port into *pst.
//   port - filter port; wPort == 0 is shown with the IDS_PORT_ANY string
//   pst  - receives the text; dereferenced without a NULL check
void PortToString
(
    PORT port,
    CString * pst
)
{
    if (0 != port.wPort)
    {
        // A specific port is shown as its decimal number.
        pst->Format(_T("%d"), port.wPort);
        return;
    }

    pst->LoadString(IDS_PORT_ANY);
}
// Writes the display text for a filter action into *pst.
//   FltrFlag - PASS_THRU, BLOCKING or NEGOTIATE_SECURITY
//   pst      - receives the text; left empty for any other flag value.
//              Dereferenced without a NULL check.
void FilterFlagToString
(
    FILTER_FLAG FltrFlag,
    CString * pst
)
{
    // Start from an empty string so an unrecognised flag shows nothing.
    pst->Empty();

    if (PASS_THRU == FltrFlag)
    {
        pst->LoadString(IDS_PASS_THROUGH);
    }
    else if (BLOCKING == FltrFlag)
    {
        pst->LoadString(IDS_BLOCKING);
    }
    else if (NEGOTIATE_SECURITY == FltrFlag)
    {
        pst->LoadString(IDS_NEG_SEC);
    }
}
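// Writes the display name of an IP protocol into *pst.
//   protocol - dwProtocol is looked up in c_ProtocolStringMap
//   pst      - receives the name from the string table, or the
//              IDS_OTHER_PROTO format applied to the raw number when the
//              protocol is not in the table. Dereferenced without a NULL check.
void ProtocolToString
(
    PROTOCOL protocol,
    CString * pst
)
{
    // c_nProtocols is the int row count of the table, so the loop bound has
    // the same signedness as the index.
    for (int i = 0; i < c_nProtocols; i++)
    {
        if (c_ProtocolStringMap[i].dwProtocol == protocol.dwProtocol)
        {
            // Protocol numbers in the table are unique; stop at the match
            // instead of scanning the remaining rows.
            pst->LoadString(c_ProtocolStringMap[i].nStringID);
            return;
        }
    }

    // Not a protocol we have a name for: show the number itself.
    pst->Format(IDS_OTHER_PROTO, protocol.dwProtocol);
}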
// Writes the display text for an interface type into *pst.
//   ifType - INTERFACE_TYPE_ALL, INTERFACE_TYPE_LAN or INTERFACE_TYPE_DIALUP;
//            anything else is shown with the IDS_UNKNOWN string
//   pst    - receives the text; dereferenced without a NULL check
void InterfaceTypeToString
(
    IF_TYPE ifType,
    CString * pst
)
{
    // Every path loads exactly one string, so pick the ID first.
    UINT nStringId = IDS_UNKNOWN;

    if (INTERFACE_TYPE_ALL == ifType)
    {
        nStringId = IDS_IF_TYPE_ALL;
    }
    else if (INTERFACE_TYPE_LAN == ifType)
    {
        nStringId = IDS_IF_TYPE_LAN;
    }
    else if (INTERFACE_TYPE_DIALUP == ifType)
    {
        // Dial-up interfaces use the RAS label.
        nStringId = IDS_IF_TYPE_RAS;
    }

    pst->LoadString (nStringId);
}
// Writes the IDS_YES string into *pst when bl is non-zero, IDS_NO otherwise.
// pst is dereferenced without a NULL check.
void BoolToString
(
    BOOL bl,
    CString * pst
)
{
    pst->LoadString (bl ? IDS_YES : IDS_NO);
}
// Writes the display text for a filter direction into *pst.
//   dwDir - FILTER_DIRECTION_INBOUND or FILTER_DIRECTION_OUTBOUND
//   pst   - receives the text; emptied for any other value.
//           Dereferenced without a NULL check.
void DirectionToString
(
    DWORD dwDir,
    CString * pst
)
{
    if (FILTER_DIRECTION_INBOUND == dwDir)
    {
        pst->LoadString(IDS_FLTR_DIR_IN);
    }
    else if (FILTER_DIRECTION_OUTBOUND == dwDir)
    {
        pst->LoadString(IDS_FLTR_DIR_OUT);
    }
    else
    {
        pst->Empty();
    }
}
// Writes the display name of a main-mode encryption algorithm into *pst.
//   algo - uAlgoIdentifier is matched against IPSEC_DOI_ESP_NONE, _DES and
//          _3_DES
//   pst  - receives the name; emptied for any other identifier.
//          Dereferenced without a NULL check.
// This only labels the algorithm: "none" and DES are displayed the same way
// as 3DES, with no indication that they are weaker choices.
void DoiEspAlgorithmToString
(
    IPSEC_MM_ALGO algo,
    CString * pst
)
{
    if (IPSEC_DOI_ESP_NONE == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_ESP_NONE);
        return;
    }

    if (IPSEC_DOI_ESP_DES == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_ESP_DES);
        return;
    }

    if (IPSEC_DOI_ESP_3_DES == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_ESP_3_DES);
        return;
    }

    // Unrecognised identifier: show nothing.
    pst->Empty();
}
// Writes the display name of a main-mode integrity algorithm into *pst.
//   algo - uAlgoIdentifier is matched against IPSEC_DOI_AH_NONE, _MD5 and
//          _SHA1
//   pst  - receives the name; emptied for any other identifier.
//          Dereferenced without a NULL check.
void DoiAuthAlgorithmToString
(
    IPSEC_MM_ALGO algo,
    CString * pst
)
{
    if (IPSEC_DOI_AH_NONE == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_AH_NONE);
        return;
    }

    if (IPSEC_DOI_AH_MD5 == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_AH_MD5);
        return;
    }

    if (IPSEC_DOI_AH_SHA1 == algo.uAlgoIdentifier)
    {
        pst->LoadString(IDS_DOI_AH_SHA);
        return;
    }

    // Unrecognised identifier: show nothing.
    pst->Empty();
}
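// Writes the display text for a Diffie-Hellman group value into *pst.
//   dwGp - 1, 2 and 3 are shown with the "low", "medium" and "high" resource
//          strings; any other value is shown as its decimal number
//   pst  - receives the text; dereferenced without a NULL check
// NOTE(review): which group sizes "low/medium/high" stand for is defined by
// the resource strings and the policy headers, not by this file.
void DhGroupToString(DWORD dwGp, CString * pst)
{
    switch(dwGp)
    {
    case 1:
        pst->LoadString(IDS_DHGROUP_LOW);
        break;
    case 2:
        pst->LoadString(IDS_DHGROUP_MEDIUM);
        break;
    case 3:
        pst->LoadString(IDS_DHGROUP_HIGH);
        break;
    default:
        // dwGp is an unsigned long; "%d" would print values above INT_MAX
        // as negative numbers, so use the matching unsigned specifier.
        pst->Format(_T("%lu"), dwGp);
        break;
    }
}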
// Writes the display name of a main-mode authentication method into *pst.
//   auth - one of the IKE_* values handled below
//   pst  - receives the name; emptied for any other value.
//          Dereferenced without a NULL check.
void MmAuthToString(MM_AUTH_ENUM auth, CString * pst)
{
    switch(auth)
    {
    case IKE_PRESHARED_KEY:
        pst->LoadString(IDS_IKE_PRESHARED_KEY);
        return;

    case IKE_DSS_SIGNATURE:
        pst->LoadString(IDS_IKE_DSS_SIGNATURE);
        return;

    case IKE_RSA_SIGNATURE:
        pst->LoadString(IDS_IKE_RSA_SIGNATURE);
        return;

    case IKE_RSA_ENCRYPTION:
        pst->LoadString(IDS_IKE_RSA_ENCRYPTION);
        return;

    case IKE_SSPI:
        pst->LoadString(IDS_IKE_SSPI);
        return;

    default:
        break;
    }

    // No known method matched: show nothing.
    pst->Empty();
}
// Formats a key lifetime into *pst, using the IDS_KEY_LIFE_TIME resource
// string as the format and passing lifetime.uKeyExpirationKBytes first and
// lifetime.uKeyExpirationTime second.
// NOTE(review): the conversion specifiers live in the resource string, not in
// this file; they have to match these two arguments in order and type --
// confirm against the string table.
// pst is dereferenced without a NULL check.
void KeyLifetimeToString(KEY_LIFETIME lifetime, CString * pst)
{
pst->Format(IDS_KEY_LIFE_TIME, lifetime.uKeyExpirationKBytes, lifetime.uKeyExpirationTime);
}
// Writes the text form of an IP address into *pst.
//   ulIp - address value; its bytes are reversed with RevertDwordBytes()
//          before being given to CIpAddress
//   pst  - receives the CString conversion of the CIpAddress.
//          Dereferenced without a NULL check.
void IpToString(ULONG ulIp, CString *pst)
{
    ULONG ulSwapped = RevertDwordBytes(ulIp);

    CIpAddress ipAddr;
    ipAddr = ulSwapped;

    *pst = static_cast<CString>(ipAddr);
}
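// Writes the display text for a filter address into *pst.
//   addr        - address to describe; AddrType selects the form:
//                 IP_ADDR_UNIQUE -> "me" string, cached host name, or
//                                   dotted address
//                 IP_ADDR_SUBNET -> "any" string, or "address(mask)"
//                 any other type -> empty string
//   pst         - receives the text; the function returns at once if NULL
//   pfIsDnsName - optional; set to TRUE only when the text is a host name
//                 taken from g_HashTable, FALSE in every other case
//
// The host name is whatever g_HashTable holds for the address; how that table
// is filled and how current it is cannot be seen from this function. Callers
// that need the address the filter actually matches should rely on addr
// itself and treat a name (pfIsDnsName == TRUE) as a display hint.
void AddressToString(ADDR addr, CString * pst, BOOL * pfIsDnsName)
{
    Assert(pst);
    if (NULL == pst)
        return;

    if (pfIsDnsName)
    {
        *pfIsDnsName = FALSE;
    }

    pst->Empty();

    switch (addr.AddrType)
    {
    case IP_ADDR_UNIQUE:
        if (IP_ADDRESS_ME == addr.uIpAddr)
        {
            pst->LoadString(IDS_ADDR_ME);
        }
        else
        {
            HashEntry *pHashEntry = NULL;

            // Use the cached name only when the lookup succeeded AND handed
            // back an entry; a success code with a NULL entry would otherwise
            // be dereferenced below.
            if (g_HashTable.GetObject(&pHashEntry, *(in_addr*)&addr.uIpAddr) == ERROR_SUCCESS
                && NULL != pHashEntry)
            {
                *pst = pHashEntry->HostName;
                if (pfIsDnsName)
                {
                    *pfIsDnsName = TRUE;
                }
            }
            else
            {
                // No cached name: fall back to the dotted address.
                IpToString(addr.uIpAddr, pst);
            }
        }
        break;

    case IP_ADDR_SUBNET:
        if (SUBNET_ADDRESS_ANY == addr.uSubNetMask)
        {
            pst->LoadString(IDS_ADDR_ANY);
        }
        else
        {
            // Rendered as "address(mask)"; both parts go through the same
            // helper instead of repeating the byte-swap and conversion.
            CString stMask;
            IpToString(addr.uIpAddr, pst);
            IpToString(addr.uSubNetMask, &stMask);

            *pst += _T("(");
            *pst += stMask;
            *pst += _T(")");
        }
        break;
    }
}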
// Placeholder: always leaves *pst empty. The blob argument is not read, so
// callers get no text for the blob's contents.
//   blob - ignored
//   pst  - emptied; the function does nothing if NULL
void IpsecByteBlobToString(const IPSEC_BYTE_BLOB& blob, CString * pst)
{
    Assert(pst);

    if (NULL != pst)
    {
        pst->Empty();
    }

    //TODO to translate the blob info to readable strings
}
// Writes the display name of one kind of algorithm from a quick-mode offer
// into *pst.
//   type   - which kind to report: QM_ALGO_AUTH, QM_ALGO_ESP_CONF or
//            QM_ALGO_ESP_INTEG
//   pOffer - offer whose m_arrAlgos[0 .. m_dwNumAlgos-1] entries are scanned
//   pst    - receives the name; IDS_ALGO_NONE if no entry matches
// Returns without touching anything if pst or pOffer is NULL.
//
// Every entry is visited and each match overwrites *pst, so when several
// entries match, only the last one is displayed. An entry whose operation
// matches but whose algorithm value is not one of those listed leaves *pst as
// it was.
void QmAlgorithmToString
(
    QM_ALGO_TYPE type,
    CQmOffer * pOffer,
    CString * pst
)
{
    Assert(pst);
    Assert(pOffer);

    if (NULL == pst || NULL == pOffer)
        return;

    // Shown when the offer holds nothing of the requested kind.
    pst->LoadString(IDS_ALGO_NONE);

    for (DWORD idx = 0; idx < pOffer->m_dwNumAlgos; ++idx)
    {
        if (QM_ALGO_AUTH == type)
        {
            if (AUTHENTICATION != pOffer->m_arrAlgos[idx].m_Operation)
                continue;

            if (IPSEC_DOI_AH_MD5 == pOffer->m_arrAlgos[idx].m_ulAlgo)
            {
                pst->LoadString(IDS_DOI_AH_MD5);
            }
            else if (IPSEC_DOI_AH_SHA1 == pOffer->m_arrAlgos[idx].m_ulAlgo)
            {
                pst->LoadString(IDS_DOI_AH_SHA);
            }
        }
        else if (QM_ALGO_ESP_CONF == type)
        {
            if (ENCRYPTION != pOffer->m_arrAlgos[idx].m_Operation)
                continue;

            if (IPSEC_DOI_ESP_DES == pOffer->m_arrAlgos[idx].m_ulAlgo)
            {
                pst->LoadString(IDS_DOI_ESP_DES);
            }
            else if (IPSEC_DOI_ESP_3_DES == pOffer->m_arrAlgos[idx].m_ulAlgo)
            {
                pst->LoadString(IDS_DOI_ESP_3_DES);
            }
        }
        else if (QM_ALGO_ESP_INTEG == type)
        {
            // ESP integrity is read from the ENCRYPTION entry's m_SecAlgo
            // field rather than from m_ulAlgo.
            if (ENCRYPTION != pOffer->m_arrAlgos[idx].m_Operation)
                continue;

            if (HMAC_AH_MD5 == pOffer->m_arrAlgos[idx].m_SecAlgo)
            {
                pst->LoadString(IDS_HMAC_AH_MD5);
            }
            else if (HMAC_AH_SHA1 == pOffer->m_arrAlgos[idx].m_SecAlgo)
            {
                pst->LoadString(IDS_HMAC_AH_SHA);
            }
        }
    }
}
// Writes the display text for a quick-mode filter's tunnel endpoint into *pst.
//   FltrType - only QM_TUNNEL_FILTER has an endpoint to show
//   TnlEp    - endpoint address, rendered with AddressToString()
//   pst      - receives the text, or the IDS_NOT_AVAILABLE string for any
//              other filter type; the function returns at once if NULL
void TnlEpToString
(
    QM_FILTER_TYPE FltrType,
    ADDR TnlEp,
    CString * pst
)
{
    Assert(pst);
    if (NULL == pst)
        return;

    if (QM_TUNNEL_FILTER != FltrType)
    {
        // Not a tunnel filter, so there is no endpoint.
        pst->LoadString(IDS_NOT_AVAILABLE);
        return;
    }

    AddressToString(TnlEp, pst);
}
// Writes the display text for a filter's tunnel endpoint into *pst.
//   FltrType - only FILTER_TYPE_TUNNEL has an endpoint to show
//   TnlEp    - endpoint address, rendered with AddressToString()
//   pst      - receives the text, or the IDS_NOT_AVAILABLE string for any
//              other filter type; the function returns at once if NULL
void TnlEpToString
(
    FILTER_TYPE FltrType,
    ADDR TnlEp,
    CString * pst
)
{
    Assert(pst);
    if (NULL == pst)
        return;

    if (FILTER_TYPE_TUNNEL != FltrType)
    {
        // Not a tunnel filter, so there is no endpoint.
        pst->LoadString(IDS_NOT_AVAILABLE);
        return;
    }

    AddressToString(TnlEp, pst);
}