mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3101 lines
90 KiB
3101 lines
90 KiB
// Copyright (c) 1997, Microsoft Corporation, all rights reserved
|
|
//
|
|
// tdix.c
|
|
// RAS L2TP WAN mini-port/call-manager driver
|
|
// TDI extensions interface
|
|
//
|
|
// 01/07/97 Steve Cobb
|
|
//
|
|
// These routines encapsulate L2TP's usage of TDI, with the intent of
|
|
// minimalizing the change required to support other TDI transports in the
|
|
// future, e.g. Frame Relay.
|
|
//
|
|
//
|
|
// About ALLOCATEIRPS:
|
|
//
|
|
// This driver is lower level code than typical TDI client drivers. It has
|
|
// locked MDL-mapped input buffers readily available and does not need to
|
|
// provide any mapping to user mode client requests on completion. This
|
|
// allows a performance gain from allocating and deallocating IRPs directly,
|
|
// thus avoiding unnecessary setup in TdiBuildInternalDeviceControlIrp and
|
|
// unnecessary APC queuing in IoCompleteRequest. Define ALLOCATEIRPs 1 (in
|
|
// sources file) to make this optimization, or define it 0 to use the strictly
|
|
// TDI-compliant TdiBuildInternalDeviceControlIrp method.
|
|
//
|
|
//
|
|
// About NDISBUFFERISMDL:
|
|
//
|
|
// Calls to TdiBuildSendDatagram assume the NDIS_BUFFER can be passed in place
|
|
// of an MDL which avoids a pointless copy. If this is not the case, an
|
|
// explicit MDL buffer would need to be allocated and caller's buffer copied
|
|
// to the MDL buffer before sending. Same issue for TdiBuildReceiveDatagram,
|
|
// except of course that the copy would be from the MDL buffer to caller's
|
|
// buffer after receiving.
|
|
//
|
|
//
|
|
// About ROUTEWITHREF:
|
|
//
|
|
// Calls the IP_SET_ROUTEWITHREF IOCTLs rather than the TCP_SET_INFORMATION_EX
|
|
// IOCTLs to set up the host route. The referenced route IOCTLs prevent PPTP
|
|
// and L2TP from walking on each others routes. This setting provided only as
|
|
// a hedge against failure of the ROUTEWITHREF IOCTL. Assuming it works it
|
|
// should always be preferable.
|
|
//
|
|
|
|
#include "l2tpp.h"
|
|
|
|
#define IP_PKTINFO 19 // receive packet information
|
|
|
|
typedef struct in_pktinfo {
|
|
ULONG ipi_addr; // destination IPv4 address
|
|
UINT ipi_ifindex; // received interface index
|
|
} IN_PKTINFO;
|
|
|
|
|
|
// Debug count of errors that should not be happening.
|
|
//
|
|
ULONG g_ulTdixOpenFailures = 0;
|
|
ULONG g_ulTdixSendDatagramFailures = 0;
|
|
ULONG g_ulTdixAddHostRouteFailures = 0;
|
|
ULONG g_ulTdixDeleteHostRouteFailures = 0;
|
|
ULONG g_ulTdixOpenCtrlAddrFailures = 0;
|
|
ULONG g_ulTdixOpenPayloadAddrFailures = 0;
|
|
ULONG g_ulTdixSetInterfaceFailures = 0;
|
|
ULONG g_ulTdixConnectAddrFailures = 0;
|
|
ULONG g_ulTdixAddHostRouteSuccesses = 0;
|
|
ULONG g_ulTdixDeleteHostRouteSuccesses = 0;
|
|
ULONG g_ulTdixOpenCtrlAddrSuccesses = 0;
|
|
ULONG g_ulTdixOpenPayloadAddrSuccesses = 0;
|
|
ULONG g_ulTdixSetInterfaceSuccesses = 0;
|
|
ULONG g_ulTdixConnectAddrSuccesses = 0;
|
|
ULONG g_ulNoBestRoute = 0;
|
|
NTSTATUS g_statusLastAhrSetRouteFailure = 0;
|
|
NTSTATUS g_statusLastAhrTcpQueryInfoExFailure = 0;
|
|
NTSTATUS g_statusLastDhrSetRouteFailure = 0;
|
|
NTSTATUS g_statusLastDhrTcpQueryInfoExFailure = 0;
|
|
|
|
|
|
#if NDISBUFFERISMDL
|
|
#else
|
|
#error Additional code to copy NDIS_BUFFER to/from MDL NYI.
|
|
#endif
|
|
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// Local datatypes
|
|
//-----------------------------------------------------------------------------
|
|
|
|
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// Local prototypes (alphabetically)
|
|
//-----------------------------------------------------------------------------
|
|
|
|
NTSTATUS
|
|
TdixConnectAddrInterface(
|
|
FILE_OBJECT* pFileObj,
|
|
HANDLE hFileHandle,
|
|
TDIXROUTE* pTdixRoute
|
|
);
|
|
|
|
VOID
|
|
TdixDisableUdpChecksums(
|
|
IN FILE_OBJECT* pAddress);
|
|
|
|
VOID
|
|
TdixDoClose(
|
|
TDIXCONTEXT* pTdix);
|
|
|
|
VOID
|
|
TdixEnableIpPktInfo(
|
|
IN FILE_OBJECT* pAddress);
|
|
|
|
VOID
|
|
TdixExtractAddress(
|
|
IN TDIXCONTEXT* pTdix,
|
|
OUT TDIXRDGINFO* pRdg,
|
|
IN VOID* pTransportAddress,
|
|
IN LONG lTransportAddressLen,
|
|
IN VOID* Options,
|
|
IN LONG OptionsLength);
|
|
|
|
NTSTATUS
|
|
TdixInstallEventHandler(
|
|
IN FILE_OBJECT* pAddress,
|
|
IN INT nEventType,
|
|
IN VOID* pfuncEventHandler,
|
|
IN VOID* pEventContext );
|
|
|
|
NTSTATUS
|
|
TdixOpenIpAddress(
|
|
IN UNICODE_STRING* puniDevice,
|
|
IN TDIXIPADDRESS* pTdixAddr,
|
|
OUT HANDLE* phAddress,
|
|
OUT FILE_OBJECT** ppFileObject );
|
|
|
|
NTSTATUS
|
|
TdixReceiveDatagramComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context );
|
|
|
|
NTSTATUS
|
|
TdixReceiveDatagramHandler(
|
|
IN PVOID TdiEventContext,
|
|
IN LONG SourceAddressLength,
|
|
IN PVOID SourceAddress,
|
|
IN LONG OptionsLength,
|
|
IN PVOID Options,
|
|
IN ULONG ReceiveDatagramFlags,
|
|
IN ULONG BytesIndicated,
|
|
IN ULONG BytesAvailable,
|
|
OUT ULONG* BytesTaken,
|
|
IN PVOID Tsdu,
|
|
OUT PIRP* IoRequestPacket );
|
|
|
|
TDIXROUTE*
|
|
TdixRouteFromIpAddress(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress);
|
|
|
|
NTSTATUS
|
|
TdixSendComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context );
|
|
|
|
NTSTATUS
|
|
TdixSendDatagramComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context );
|
|
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// Interface routines
|
|
//-----------------------------------------------------------------------------
|
|
|
|
VOID
|
|
TdixInitialize(
|
|
IN TDIXMEDIATYPE mediatype,
|
|
IN HOSTROUTEEXISTS hre,
|
|
IN ULONG ulFlags,
|
|
IN PTDIXRECEIVE pReceiveHandler,
|
|
IN BUFFERPOOL* pPoolNdisBuffers,
|
|
IN OUT TDIXCONTEXT* pTdix )
|
|
|
|
// Initialize caller's 'pTdix' buffer for future sessions using media type
|
|
// 'mediatype', the 'hre' existing host route strategy, and TDIXF_*
|
|
// options 'ulFlags'. Caller's receive datagram callback
|
|
// 'pReceiveHandler' is called with a buffer allocated from caller's
|
|
// buffer pool 'pPoolNdisBuffers'.
|
|
//
|
|
{
|
|
TRACE( TL_N, TM_Tdi, ( "TdixInit" ) );
|
|
|
|
pTdix->lRef = 0;
|
|
pTdix->hAddress = NULL;
|
|
pTdix->pAddress = NULL;
|
|
pTdix->mediatype = mediatype;
|
|
pTdix->hre = hre;
|
|
pTdix->ulFlags |= ulFlags;
|
|
pTdix->ulFlags = 0;
|
|
InitializeListHead( &pTdix->listRoutes );
|
|
NdisAllocateSpinLock( &pTdix->lock );
|
|
pTdix->pPoolNdisBuffers = pPoolNdisBuffers;
|
|
pTdix->pReceiveHandler = pReceiveHandler;
|
|
|
|
// The 'llistRdg' and 'llistSdg' lookaside lists are initialized at
|
|
// TdixOpen.
|
|
}
|
|
|
|
|
|
NDIS_STATUS
|
|
TdixOpen(
|
|
OUT TDIXCONTEXT* pTdix )
|
|
|
|
// Open the TDI transport address matching the selected media and register
|
|
// to receive datagrams at the selected handler. 'PTdix' is the
|
|
// previously intialized context.
|
|
//
|
|
// This call must be made at PASSIVE IRQL.
|
|
//
|
|
// Returns NDIS_STATUS_SUCCESS if successful, or NDIS_STATUS_FAILURE.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
OBJECT_ATTRIBUTES oa;
|
|
IO_STATUS_BLOCK iosb;
|
|
FILE_FULL_EA_INFORMATION* pEa;
|
|
ULONG ulEaLength;
|
|
TA_IP_ADDRESS* pTaIp;
|
|
TDI_ADDRESS_IP* pTdiIp;
|
|
CHAR achEa[ 100 ];
|
|
UNICODE_STRING uniDevice;
|
|
UNICODE_STRING uniProtocolNumber;
|
|
WCHAR achRawIpDevice[ sizeof(DD_RAW_IP_DEVICE_NAME) + 10 ];
|
|
WCHAR achProtocolNumber[ 10 ];
|
|
SHORT sPort;
|
|
LONG lRef;
|
|
|
|
// Open the TDI extensions or notice that it's already been requested
|
|
// and/or completed.
|
|
//
|
|
for (;;)
|
|
{
|
|
BOOLEAN fPending;
|
|
BOOLEAN fDoOpen;
|
|
|
|
fPending = FALSE;
|
|
fDoOpen = FALSE;
|
|
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
if (ReadFlags( &pTdix->ulFlags) & TDIXF_Pending)
|
|
{
|
|
fPending = TRUE;
|
|
}
|
|
else
|
|
{
|
|
lRef = ++pTdix->lRef;
|
|
TRACE( TL_N, TM_Tdi, ( "TdixOpen, refs=%d", lRef ) );
|
|
if (lRef == 1)
|
|
{
|
|
SetFlags( &pTdix->ulFlags, TDIXF_Pending );
|
|
fDoOpen = TRUE;
|
|
}
|
|
}
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (fDoOpen)
|
|
{
|
|
// Go on and open the transport address.
|
|
//
|
|
break;
|
|
}
|
|
|
|
if (!fPending)
|
|
{
|
|
// It's already open, so report success.
|
|
//
|
|
return NDIS_STATUS_SUCCESS;
|
|
}
|
|
|
|
// An operation is already in progress. Give it some time to finish
|
|
// then check again.
|
|
//
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(open)" ) );
|
|
NdisMSleep( 100000 );
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(open) done" ) );
|
|
}
|
|
|
|
do
|
|
{
|
|
// Set up parameters needed to open the transport address. First, the
|
|
// object attributes.
|
|
//
|
|
if (pTdix->mediatype == TMT_Udp)
|
|
{
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
TRACE( TL_V, TM_Tdi, ( "UDP" ) );
|
|
|
|
// Build the UDP device name as a counted string.
|
|
//
|
|
uniDevice.Buffer = DD_UDP_DEVICE_NAME;
|
|
uniDevice.Length = sizeof(DD_UDP_DEVICE_NAME) - sizeof(WCHAR);
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
TdixIpAddress.sUdpPort = (SHORT)( htons( L2TP_UdpPort ));
|
|
|
|
status = TdixOpenIpAddress(
|
|
&uniDevice,
|
|
&TdixIpAddress,
|
|
&pTdix->hAddress,
|
|
&pTdix->pAddress );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
break;
|
|
}
|
|
|
|
TdixEnableIpPktInfo(pTdix->pAddress);
|
|
}
|
|
else
|
|
{
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
ASSERT( pTdix->mediatype == TMT_RawIp );
|
|
TRACE( TL_A, TM_Tdi, ( "Raw IP" ) );
|
|
|
|
// Build the raw IP device name as a counted string. The device
|
|
// name is followed by a path separator then the protocol number
|
|
// of interest.
|
|
//
|
|
uniDevice.Buffer = achRawIpDevice;
|
|
uniDevice.Length = 0;
|
|
uniDevice.MaximumLength = sizeof(achRawIpDevice);
|
|
RtlAppendUnicodeToString( &uniDevice, DD_RAW_IP_DEVICE_NAME );
|
|
|
|
uniDevice.Buffer[ uniDevice.Length / sizeof(WCHAR) ]
|
|
= OBJ_NAME_PATH_SEPARATOR;
|
|
uniDevice.Length += sizeof(WCHAR);
|
|
|
|
uniProtocolNumber.Buffer = achProtocolNumber;
|
|
uniProtocolNumber.MaximumLength = sizeof(achProtocolNumber);
|
|
RtlIntegerToUnicodeString(
|
|
(ULONG )L2TP_IpProtocol, 10, &uniProtocolNumber );
|
|
|
|
RtlAppendUnicodeStringToString( &uniDevice, &uniProtocolNumber );
|
|
|
|
ASSERT( uniDevice.Length < sizeof(achRawIpDevice) );
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
|
|
status = TdixOpenIpAddress(
|
|
&uniDevice,
|
|
&TdixIpAddress,
|
|
&pTdix->hAddress,
|
|
&pTdix->pAddress );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
|
|
// Initialize the lookaside lists of read/send-datagram contexts.
|
|
//
|
|
NdisInitializeNPagedLookasideList(
|
|
&pTdix->llistRdg,
|
|
NULL,
|
|
NULL,
|
|
0,
|
|
sizeof(TDIXRDGINFO),
|
|
MTAG_TDIXRDG,
|
|
10 );
|
|
|
|
NdisInitializeNPagedLookasideList(
|
|
&pTdix->llistSdg,
|
|
NULL,
|
|
NULL,
|
|
0,
|
|
sizeof(TDIXSDGINFO),
|
|
MTAG_TDIXSDG,
|
|
10 );
|
|
|
|
// Install our receive datagram handler. Caller's 'pReceiveHandler' will
|
|
// be called by our handler when a datagram arrives and TDI business is
|
|
// out of the way.
|
|
//
|
|
status =
|
|
TdixInstallEventHandler(
|
|
pTdix->pAddress,
|
|
TDI_EVENT_RECEIVE_DATAGRAM,
|
|
TdixReceiveDatagramHandler,
|
|
pTdix );
|
|
|
|
#if ROUTEWITHREF
|
|
{
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
// Open the IP stack address which is needed in both UDP and raw IP
|
|
// mode for referenced route management.
|
|
//
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
|
|
uniDevice.Buffer = DD_IP_DEVICE_NAME;
|
|
uniDevice.Length = sizeof(DD_IP_DEVICE_NAME) - sizeof(WCHAR);
|
|
|
|
status = TdixOpenIpAddress(
|
|
&uniDevice,
|
|
&TdixIpAddress,
|
|
&pTdix->hIpStackAddress,
|
|
&pTdix->pIpStackAddress );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
#endif
|
|
}
|
|
while (FALSE);
|
|
|
|
// Report results after marking the operation complete.
|
|
//
|
|
{
|
|
BOOLEAN fDoClose;
|
|
|
|
fDoClose = FALSE;
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
if (status == STATUS_SUCCESS)
|
|
{
|
|
ClearFlags( &pTdix->ulFlags, TDIXF_Pending );
|
|
}
|
|
else
|
|
{
|
|
++g_ulTdixOpenFailures;
|
|
ASSERT( pTdix->lRef == 1)
|
|
pTdix->lRef = 0;
|
|
fDoClose = TRUE;
|
|
}
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TdixDoClose( pTdix );
|
|
}
|
|
}
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixOpen=$%08x", status ) );
|
|
return
|
|
(status == STATUS_SUCCESS)
|
|
? NDIS_STATUS_SUCCESS
|
|
: NDIS_STATUS_FAILURE;
|
|
}
|
|
|
|
|
|
VOID
|
|
TdixReference(
|
|
IN TDIXCONTEXT* pTdix )
|
|
|
|
// Increments the TDI extension reference count, like TdixOpen, except
|
|
// this routine may be called at DISPATCH IRQL.
|
|
//
|
|
// This call must only be made if it is known that the TDI context is
|
|
// already fully open.
|
|
//
|
|
{
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
ASSERT( pTdix->lRef > 0 );
|
|
++pTdix->lRef;
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
}
|
|
|
|
|
|
VOID
|
|
TdixClose(
|
|
IN TDIXCONTEXT* pTdix )
|
|
|
|
// Undo TdixOpen actions for transport context 'pTdix'.
|
|
//
|
|
// This call must be made at PASSIVE IRQL.
|
|
//
|
|
{
|
|
for (;;)
|
|
{
|
|
LONG lRef;
|
|
BOOLEAN fPending;
|
|
BOOLEAN fDoClose;
|
|
|
|
fPending = FALSE;
|
|
fDoClose = FALSE;
|
|
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
if (ReadFlags( &pTdix->ulFlags ) & TDIXF_Pending)
|
|
{
|
|
fPending = TRUE;
|
|
}
|
|
else
|
|
{
|
|
lRef = --pTdix->lRef;
|
|
ASSERT( lRef >= 0 );
|
|
TRACE( TL_N, TM_Tdi, ( "TdixClose, refs=%d", lRef ) );
|
|
if (lRef == 0)
|
|
{
|
|
SetFlags( &pTdix->ulFlags, TDIXF_Pending );
|
|
fDoClose = TRUE;
|
|
}
|
|
}
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (fDoClose)
|
|
{
|
|
// Go on and close the transport address.
|
|
//
|
|
break;
|
|
}
|
|
|
|
if (!fPending)
|
|
{
|
|
// It's still got references, so just return;
|
|
//
|
|
return;
|
|
}
|
|
|
|
// An operation is already in progress. Give it some time to finish
|
|
// then check again.
|
|
//
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(close)" ) );
|
|
NdisMSleep( 100000 );
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(close) done" ) );
|
|
}
|
|
|
|
ASSERT( IsListEmpty( &pTdix->listRoutes ) );
|
|
TdixDoClose( pTdix );
|
|
}
|
|
|
|
NDIS_STATUS
|
|
TdixSend(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN FILE_OBJECT* pFileObj,
|
|
IN PTDIXSENDCOMPLETE pSendCompleteHandler,
|
|
IN VOID* pContext1,
|
|
IN VOID* pContext2,
|
|
IN VOID* pAddress,
|
|
IN CHAR* pBuffer,
|
|
IN ULONG ulBufferLength,
|
|
OUT IRP** ppIrp )
|
|
// Send a datagram buffer 'pBuffer', 'ulBufferLength' bytes long, to
|
|
// remote address 'pAddress'. The buffer must be from a BUFFERPOOL of
|
|
// NDIS_BUFFERs. 'PTdix' is the transport context.
|
|
// 'PSendDatagramCompleteHander' is caller's completion handler which is
|
|
// passed 'pContext1' and 'pContext2'. If 'ppIrp' is non-NULL '*ppIrp' is
|
|
// set to the address of the posted IRP, this for debugging purposes.
|
|
//
|
|
// This call must be made at PASSIVE IRQL.
|
|
//
|
|
// Returns NDIS_STATUS_SUCCESS if successful, or NDIS_STATUS_FAILURE.
|
|
//
|
|
{
|
|
NDIS_STATUS status;
|
|
NTSTATUS iostatus;
|
|
TDIXSDGINFO* pSdg;
|
|
SHORT sPort;
|
|
PIRP pIrp;
|
|
TDI_ADDRESS_IP* pTdiIp;
|
|
DEVICE_OBJECT* DeviceObj;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixSend(dst=%d.%d.%d.%d/%d,len=%d)",
|
|
IPADDRTRACE( ((TDIXIPADDRESS* )pAddress)->ulIpAddress ),
|
|
(ULONG )(ntohs( ((TDIXIPADDRESS* )pAddress)->sUdpPort )),
|
|
ulBufferLength ) );
|
|
|
|
ASSERT(pFileObj != NULL);
|
|
|
|
do
|
|
{
|
|
// Allocate a context for this send-datagram from our lookaside list.
|
|
//
|
|
pSdg = ALLOC_TDIXSDGINFO( pTdix );
|
|
if (pSdg)
|
|
{
|
|
// Fill in the send-datagram context.
|
|
//
|
|
pSdg->pTdix = pTdix;
|
|
pSdg->pSendCompleteHandler = pSendCompleteHandler;
|
|
pSdg->pContext1 = pContext1;
|
|
pSdg->pContext2 = pContext2;
|
|
pSdg->pBuffer = pBuffer;
|
|
}
|
|
else
|
|
{
|
|
ASSERT( !"Alloc SDG?" );
|
|
status = NDIS_STATUS_RESOURCES;
|
|
break;
|
|
}
|
|
|
|
#if 0
|
|
// Put the destination IP address in the "connection" structure as TDI
|
|
// expects. The "connection" is part of our context as it must be
|
|
// available to TDI until the request completes.
|
|
//
|
|
pSdg->taip.TAAddressCount = 1;
|
|
pSdg->taip.Address[ 0 ].AddressLength = TDI_ADDRESS_LENGTH_IP;
|
|
pSdg->taip.Address[ 0 ].AddressType = TDI_ADDRESS_TYPE_IP;
|
|
|
|
pTdiIp = &pSdg->taip.Address[ 0 ].Address[ 0 ];
|
|
|
|
sPort = ((TDIXIPADDRESS* )pAddress)->sUdpPort;
|
|
if (sPort == 0 && pTdix->mediatype == TMT_Udp)
|
|
{
|
|
sPort = (SHORT )(htons( L2TP_UdpPort ));
|
|
}
|
|
|
|
pTdiIp->sin_port = sPort;
|
|
pTdiIp->in_addr = ((TDIXIPADDRESS* )pAddress)->ulIpAddress;
|
|
NdisZeroMemory( pTdiIp->sin_zero, sizeof(pTdiIp->sin_zero) );
|
|
|
|
pSdg->tdiconninfo.UserDataLength = 0;
|
|
pSdg->tdiconninfo.UserData = NULL;
|
|
pSdg->tdiconninfo.OptionsLength = 0;
|
|
pSdg->tdiconninfo.Options = NULL;
|
|
pSdg->tdiconninfo.RemoteAddressLength = sizeof(pSdg->taip);
|
|
pSdg->tdiconninfo.RemoteAddress = &pSdg->taip;
|
|
#endif
|
|
|
|
DeviceObj = pFileObj->DeviceObject;
|
|
|
|
#if ALLOCATEIRPS
|
|
// Allocate the IRP directly.
|
|
//
|
|
pIrp = IoAllocateIrp(DeviceObj->StackSize, FALSE );
|
|
#else
|
|
// Allocate a "send datagram" IRP with base initialization.
|
|
//
|
|
pIrp =
|
|
TdiBuildInternalDeviceControlIrp(
|
|
TDI_SEND,
|
|
DeviceObj,
|
|
FileObj,
|
|
NULL,
|
|
NULL );
|
|
#endif
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc IRP?" ) );
|
|
status = NDIS_STATUS_RESOURCES;
|
|
break;
|
|
}
|
|
|
|
// Complete the "send datagram" IRP initialization.
|
|
//
|
|
TdiBuildSend(
|
|
pIrp,
|
|
DeviceObj,
|
|
pFileObj,
|
|
TdixSendComplete,
|
|
pSdg,
|
|
NdisBufferFromBuffer( pBuffer ),
|
|
0,
|
|
ulBufferLength);
|
|
|
|
if (ppIrp)
|
|
{
|
|
*ppIrp = pIrp;
|
|
}
|
|
|
|
// Tell the I/O manager to pass our IRP to the transport for
|
|
// processing.
|
|
//
|
|
iostatus = IoCallDriver( DeviceObj, pIrp );
|
|
ASSERT( iostatus == STATUS_PENDING );
|
|
|
|
status = NDIS_STATUS_SUCCESS;
|
|
}
|
|
while (FALSE);
|
|
|
|
if (status != NDIS_STATUS_SUCCESS)
|
|
{
|
|
// Pull a half Jameel, i.e. convert a synchronous failure to an
|
|
// asynchronous failure from client's perspective. However, clean up
|
|
// context here.
|
|
//
|
|
++g_ulTdixSendDatagramFailures;
|
|
if (pSdg)
|
|
{
|
|
FREE_TDIXSDGINFO( pTdix, pSdg );
|
|
}
|
|
|
|
pSendCompleteHandler( pTdix, pContext1, pContext2, pBuffer );
|
|
}
|
|
|
|
return NDIS_STATUS_PENDING;
|
|
}
|
|
|
|
NDIS_STATUS
|
|
TdixSendDatagram(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN FILE_OBJECT* FileObj,
|
|
IN PTDIXSENDCOMPLETE pSendCompleteHandler,
|
|
IN VOID* pContext1,
|
|
IN VOID* pContext2,
|
|
IN VOID* pAddress,
|
|
IN CHAR* pBuffer,
|
|
IN ULONG ulBufferLength,
|
|
OUT IRP** ppIrp )
|
|
|
|
// Send a datagram buffer 'pBuffer', 'ulBufferLength' bytes long, to
|
|
// remote address 'pAddress'. The buffer must be from a BUFFERPOOL of
|
|
// NDIS_BUFFERs. 'PTdix' is the transport context.
|
|
// 'PSendDatagramCompleteHander' is caller's completion handler which is
|
|
// passed 'pContext1' and 'pContext2'. If 'ppIrp' is non-NULL '*ppIrp' is
|
|
// set to the address of the posted IRP, this for debugging purposes.
|
|
//
|
|
// This call must be made at PASSIVE IRQL.
|
|
//
|
|
// Returns NDIS_STATUS_SUCCESS if successful, or NDIS_STATUS_FAILURE.
|
|
//
|
|
{
|
|
NDIS_STATUS status;
|
|
NTSTATUS iostatus;
|
|
TDIXSDGINFO* pSdg;
|
|
SHORT sPort;
|
|
PIRP pIrp;
|
|
TDI_ADDRESS_IP* pTdiIp;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixSendDg(dst=%d.%d.%d.%d/%d,len=%d)",
|
|
IPADDRTRACE( ((TDIXIPADDRESS* )pAddress)->ulIpAddress ),
|
|
(ULONG )(ntohs( ((TDIXIPADDRESS* )pAddress)->sUdpPort )),
|
|
ulBufferLength ) );
|
|
|
|
// Not used in this function!
|
|
//
|
|
FileObj;
|
|
|
|
do
|
|
{
|
|
// Allocate a context for this send-datagram from our lookaside list.
|
|
//
|
|
pSdg = ALLOC_TDIXSDGINFO( pTdix );
|
|
if (pSdg)
|
|
{
|
|
// Fill in the send-datagram context.
|
|
//
|
|
pSdg->pTdix = pTdix;
|
|
pSdg->pSendCompleteHandler = pSendCompleteHandler;
|
|
pSdg->pContext1 = pContext1;
|
|
pSdg->pContext2 = pContext2;
|
|
pSdg->pBuffer = pBuffer;
|
|
}
|
|
else
|
|
{
|
|
ASSERT( !"Alloc SDG?" );
|
|
status = NDIS_STATUS_RESOURCES;
|
|
break;
|
|
}
|
|
|
|
// Put the destination IP address in the "connection" structure as TDI
|
|
// expects. The "connection" is part of our context as it must be
|
|
// available to TDI until the request completes.
|
|
//
|
|
pSdg->taip.TAAddressCount = 1;
|
|
pSdg->taip.Address[ 0 ].AddressLength = TDI_ADDRESS_LENGTH_IP;
|
|
pSdg->taip.Address[ 0 ].AddressType = TDI_ADDRESS_TYPE_IP;
|
|
|
|
pTdiIp = &pSdg->taip.Address[ 0 ].Address[ 0 ];
|
|
|
|
sPort = ((TDIXIPADDRESS* )pAddress)->sUdpPort;
|
|
if (sPort == 0 && pTdix->mediatype == TMT_Udp)
|
|
{
|
|
sPort = (SHORT )(htons( L2TP_UdpPort ));
|
|
}
|
|
|
|
pTdiIp->sin_port = sPort;
|
|
pTdiIp->in_addr = ((TDIXIPADDRESS* )pAddress)->ulIpAddress;
|
|
NdisZeroMemory( pTdiIp->sin_zero, sizeof(pTdiIp->sin_zero) );
|
|
|
|
pSdg->tdiconninfo.UserDataLength = 0;
|
|
pSdg->tdiconninfo.UserData = NULL;
|
|
pSdg->tdiconninfo.OptionsLength = 0;
|
|
pSdg->tdiconninfo.Options = NULL;
|
|
pSdg->tdiconninfo.RemoteAddressLength = sizeof(pSdg->taip);
|
|
pSdg->tdiconninfo.RemoteAddress = &pSdg->taip;
|
|
|
|
#if ALLOCATEIRPS
|
|
// Allocate the IRP directly.
|
|
//
|
|
pIrp = IoAllocateIrp(
|
|
pTdix->pAddress->DeviceObject->StackSize, FALSE );
|
|
#else
|
|
// Allocate a "send datagram" IRP with base initialization.
|
|
//
|
|
pIrp =
|
|
TdiBuildInternalDeviceControlIrp(
|
|
TDI_SEND_DATAGRAM,
|
|
pTdix->pAddress->DeviceObject,
|
|
pTdix->pAddress,
|
|
NULL,
|
|
NULL );
|
|
#endif
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc IRP?" ) );
|
|
status = NDIS_STATUS_RESOURCES;
|
|
break;
|
|
}
|
|
|
|
// Complete the "send datagram" IRP initialization.
|
|
//
|
|
TdiBuildSendDatagram(
|
|
pIrp,
|
|
pTdix->pAddress->DeviceObject,
|
|
pTdix->pAddress,
|
|
TdixSendDatagramComplete,
|
|
pSdg,
|
|
NdisBufferFromBuffer( pBuffer ),
|
|
ulBufferLength,
|
|
&pSdg->tdiconninfo );
|
|
|
|
if (ppIrp)
|
|
{
|
|
*ppIrp = pIrp;
|
|
}
|
|
|
|
// Tell the I/O manager to pass our IRP to the transport for
|
|
// processing.
|
|
//
|
|
iostatus = IoCallDriver( pTdix->pAddress->DeviceObject, pIrp );
|
|
ASSERT( iostatus == STATUS_PENDING );
|
|
|
|
status = NDIS_STATUS_SUCCESS;
|
|
}
|
|
while (FALSE);
|
|
|
|
if (status != NDIS_STATUS_SUCCESS)
|
|
{
|
|
// Pull a half Jameel, i.e. convert a synchronous failure to an
|
|
// asynchronous failure from client's perspective. However, clean up
|
|
// context here.
|
|
//
|
|
++g_ulTdixSendDatagramFailures;
|
|
if (pSdg)
|
|
{
|
|
FREE_TDIXSDGINFO( pTdix, pSdg );
|
|
}
|
|
|
|
pSendCompleteHandler( pTdix, pContext1, pContext2, pBuffer );
|
|
}
|
|
|
|
return NDIS_STATUS_PENDING;
|
|
}
|
|
|
|
VOID
|
|
TdixDestroyConnection(
|
|
TDIXUDPCONNECTCONTEXT *pUdpContext)
|
|
{
|
|
if (pUdpContext->fUsePayloadAddr) {
|
|
|
|
ASSERT(pUdpContext->hPayloadAddr != NULL);
|
|
|
|
ObDereferenceObject( pUdpContext->pPayloadAddr );
|
|
|
|
// Close the payload address object
|
|
//
|
|
ZwClose(pUdpContext->hPayloadAddr);
|
|
pUdpContext->hPayloadAddr = NULL;
|
|
pUdpContext->fUsePayloadAddr = FALSE;
|
|
}
|
|
|
|
if (pUdpContext->hCtrlAddr != NULL) {
|
|
|
|
// Close the Ctrl address object
|
|
//
|
|
ObDereferenceObject( pUdpContext->pCtrlAddr );
|
|
ZwClose (pUdpContext->hCtrlAddr);
|
|
pUdpContext->hCtrlAddr = NULL;
|
|
}
|
|
}
|
|
|
|
|
|
NDIS_STATUS
|
|
TdixSetupConnection(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress,
|
|
IN SHORT sPort,
|
|
IN TDIXROUTE *pTdixRoute,
|
|
IN TDIXUDPCONNECTCONTEXT* pUdpContext)
|
|
{
|
|
NDIS_STATUS status = STATUS_SUCCESS;
|
|
|
|
ASSERT(pUdpContext != NULL);
|
|
|
|
if (pTdix->mediatype == TMT_Udp)
|
|
{
|
|
|
|
do {
|
|
UNICODE_STRING uniDevice;
|
|
UNICODE_STRING uniProtocolNumber;
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
|
|
// Create an address object that we can send across. If we have udp xsums
|
|
// disabled we will need to create two address objects, one for control
|
|
// and one for payload. This allows payload specific features to be
|
|
// implemented.
|
|
//
|
|
uniDevice.Buffer = DD_UDP_DEVICE_NAME;
|
|
uniDevice.Length = sizeof(DD_UDP_DEVICE_NAME) - sizeof(WCHAR);
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
|
|
if(sPort != 0)
|
|
{
|
|
pTdixRoute->sPort = sPort;
|
|
}
|
|
else
|
|
{
|
|
pTdixRoute->sPort = (SHORT)(htons(L2TP_UdpPort));
|
|
}
|
|
|
|
TdixIpAddress.sUdpPort = (SHORT)(htons(L2TP_UdpPort));
|
|
|
|
TRACE( TL_A, TM_Tdi, ( "sPort for $%08x set to %d",
|
|
ulIpAddress, (UINT) ntohs(pTdixRoute->sPort ) ));
|
|
|
|
// Build the UDP device name as a counted string.
|
|
//
|
|
status = TdixOpenIpAddress(&uniDevice,
|
|
&TdixIpAddress,
|
|
&pUdpContext->hCtrlAddr,
|
|
&pUdpContext->pCtrlAddr );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR OpenCtrlAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Associate a particular "send" IP interface index with the address
|
|
// object, so that if that interface disappears traffic will not be
|
|
// "re-routed" often back into the tunnel producing disastrous
|
|
// looping.
|
|
//
|
|
status = TdixConnectAddrInterface(pUdpContext->pCtrlAddr,
|
|
pUdpContext->hCtrlAddr,
|
|
pTdixRoute);
|
|
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR ConnectCtrlAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
|
|
// If udp xsums are disabled we need to create another address object.
|
|
// We will set this object to disable udp xsums and then use it to
|
|
// send payload data.
|
|
//
|
|
// If udp xsums are enabled we can use the same address object for
|
|
// payloads that we use for contrl frames.
|
|
//
|
|
if (pTdix->ulFlags & TDIXF_DisableUdpXsums)
|
|
{
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
TdixIpAddress.sUdpPort = (SHORT)(htons(L2TP_UdpPort));
|
|
|
|
// Open the address object
|
|
//
|
|
status = TdixOpenIpAddress(&uniDevice,
|
|
&TdixIpAddress,
|
|
&pUdpContext->hPayloadAddr,
|
|
&pUdpContext->pPayloadAddr );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR OpenPayloadAddr=%x?", status ) );
|
|
pUdpContext->hPayloadAddr = NULL;
|
|
break;
|
|
}
|
|
|
|
pUdpContext->fUsePayloadAddr = TRUE;
|
|
|
|
TdixDisableUdpChecksums( pUdpContext->pPayloadAddr );
|
|
|
|
// Associate a particular "send" IP interface index with the address
|
|
// object, so that if that interface disappears traffic will not be
|
|
// "re-routed" often back into the tunnel producing disastrous
|
|
// looping.
|
|
//
|
|
status = TdixConnectAddrInterface(pUdpContext->pPayloadAddr,
|
|
pUdpContext->hPayloadAddr,
|
|
pTdixRoute );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR ConnectPayloadAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
pUdpContext->hPayloadAddr = pUdpContext->hCtrlAddr;
|
|
pUdpContext->pPayloadAddr = pUdpContext->pCtrlAddr;
|
|
|
|
TRACE( TL_I, TM_Tdi, ( "AHR Ctrl==Payload") );
|
|
}
|
|
|
|
} while ( FALSE );
|
|
|
|
}
|
|
|
|
return status;
|
|
}
|
|
|
|
|
|
VOID*
|
|
TdixAddHostRoute(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress,
|
|
IN SHORT sPort)
|
|
|
|
// Adds a host route for the remote peer's network byte-ordered IP address
|
|
// 'ulIpAddress', i.e. routes packets directed to the L2TP peer to the LAN
|
|
// card rather than back into the tunnel where it would loop infinitely.
|
|
// 'PTdix' is the is caller's TDI extension context.
|
|
//
|
|
// Returns true if the route was added, false otherwise.
|
|
//
|
|
// Note: This routine borrows heavily from PPTP.
|
|
//
|
|
{
|
|
TCP_REQUEST_QUERY_INFORMATION_EX QueryBuf;
|
|
TCP_REQUEST_SET_INFORMATION_EX* pSetBuf;
|
|
VOID* pBuffer2;
|
|
PIO_STACK_LOCATION pIrpSp;
|
|
PDEVICE_OBJECT pDeviceObject;
|
|
PDEVICE_OBJECT pIpDeviceObject;
|
|
NTSTATUS status = STATUS_SUCCESS;
|
|
PIRP pIrp;
|
|
IO_STATUS_BLOCK iosb;
|
|
IPRouteEntry* pBuffer;
|
|
IPRouteEntry* pRouteEntry;
|
|
IPRouteEntry* pNewRouteEntry;
|
|
IPRouteEntry* pBestRoute;
|
|
ULONG ulRouteCount;
|
|
ULONG ulSize;
|
|
ULONG i;
|
|
ULONG ulBestMask;
|
|
ULONG ulBestMetric;
|
|
TDIXROUTE* pTdixRoute;
|
|
BOOLEAN fNewRoute;
|
|
BOOLEAN fPending;
|
|
BOOLEAN fOpenPending;
|
|
BOOLEAN fUsedNonL2tpRoute;
|
|
LONG lRef;
|
|
KEVENT event;
|
|
|
|
if (ulIpAddress == 0)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "IP == 0?" ) );
|
|
return ((VOID*)NULL);
|
|
}
|
|
|
|
TRACE( TL_N, TM_Tdi,
|
|
( "TdixAddHostRoute(ip=%d.%d.%d.%d)", IPADDRTRACE( ulIpAddress ) ) );
|
|
|
|
// Host routes are referenced since more than one tunnel to the same peer
|
|
// (allowed by L2TP) shares the same system route. See if this is just a
|
|
// reference or the actual add of the system host route.
|
|
//
|
|
for (;;)
|
|
{
|
|
fPending = FALSE;
|
|
fOpenPending = FALSE;
|
|
pTdixRoute = NULL;
|
|
fNewRoute = FALSE;
|
|
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
do
|
|
{
|
|
if (pTdix->lRef <= 0)
|
|
{
|
|
// TDIX is closed or closing, so the add route fails.
|
|
//
|
|
break;
|
|
}
|
|
|
|
if (ReadFlags( &pTdix->ulFlags ) & TDIXF_Pending)
|
|
{
|
|
// A TdixOpen is pending. Wait for it to finish before
|
|
// adding the route.
|
|
//
|
|
fOpenPending = TRUE;
|
|
break;
|
|
}
|
|
|
|
pTdixRoute = TdixRouteFromIpAddress( pTdix, ulIpAddress );
|
|
if (pTdixRoute)
|
|
{
|
|
// Found an existing route context.
|
|
//
|
|
fPending = pTdixRoute->fPending;
|
|
if (!fPending)
|
|
{
|
|
// No other operation is pending on the route context.
|
|
// Take a reference.
|
|
//
|
|
++pTdixRoute->lRef;
|
|
}
|
|
break;
|
|
}
|
|
|
|
// No existing route context. Create and link a new one.
|
|
//
|
|
pTdixRoute = ALLOC_TDIXROUTE( pTdix );
|
|
if (pTdixRoute)
|
|
{
|
|
NdisZeroMemory(pTdixRoute, sizeof(TDIXROUTE));
|
|
|
|
pTdixRoute->ulIpAddress = ulIpAddress;
|
|
pTdixRoute->lRef = 1;
|
|
pTdixRoute->fPending = TRUE;
|
|
pTdixRoute->fUsedNonL2tpRoute = FALSE;
|
|
|
|
InsertTailList(
|
|
&pTdix->listRoutes, &pTdixRoute->linkRoutes );
|
|
lRef = ++pTdix->lRef;
|
|
TRACE( TL_N, TM_Tdi, ( "TdixAHR, refs=%d", lRef ) );
|
|
|
|
fPending = pTdixRoute->fPending;
|
|
fNewRoute = TRUE;
|
|
}
|
|
}
|
|
while (FALSE);
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (!fOpenPending)
|
|
{
|
|
if (!pTdixRoute)
|
|
{
|
|
// TDIX is closed or we couldn't find an existing route
|
|
// context or create a new one. Report failure.
|
|
//
|
|
return ((VOID*)NULL);
|
|
}
|
|
|
|
if (fNewRoute)
|
|
{
|
|
// Created a new route context so go on to make the IOCTL
|
|
// calls to add the associated system host route.
|
|
//
|
|
break;
|
|
}
|
|
|
|
if (!fPending)
|
|
{
|
|
// Took a reference on an existing route context. Report
|
|
// success.
|
|
//
|
|
return (pTdixRoute);
|
|
}
|
|
}
|
|
|
|
// An operation is already pending. Give it some time to finish then
|
|
// check again.
|
|
//
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(add)" ) );
|
|
NdisMSleep( 100000 );
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(add) done" ) );
|
|
}
|
|
|
|
// Do the IOCTLs to add the host route.
|
|
//
|
|
pBuffer = NULL;
|
|
pBuffer2 = NULL;
|
|
fUsedNonL2tpRoute = FALSE;
|
|
|
|
do
|
|
{
|
|
|
|
// Get the routing table from the IP stack. This make take a few
|
|
// iterations since the size of the buffer required is not known. Set
|
|
// up the static request information first.
|
|
//
|
|
QueryBuf.ID.toi_entity.tei_entity = CL_NL_ENTITY;
|
|
QueryBuf.ID.toi_entity.tei_instance = 0;
|
|
QueryBuf.ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
QueryBuf.ID.toi_type = INFO_TYPE_PROVIDER;
|
|
pDeviceObject = IoGetRelatedDeviceObject( pTdix->pAddress );
|
|
|
|
status = !STATUS_SUCCESS;
|
|
ulRouteCount = 20;
|
|
for (;;)
|
|
{
|
|
// Allocate a buffer big enough for 'ulRouteCount' routes.
|
|
//
|
|
ulSize = sizeof(IPRouteEntry) * ulRouteCount;
|
|
QueryBuf.ID.toi_id = IP_MIB_RTTABLE_ENTRY_ID;
|
|
NdisZeroMemory( &QueryBuf.Context, CONTEXT_SIZE );
|
|
|
|
pBuffer = (IPRouteEntry* )ALLOC_NONPAGED( ulSize, MTAG_ROUTEQUERY );
|
|
if (!pBuffer)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc RQ?" ) );
|
|
break;
|
|
}
|
|
|
|
// Set up a request to the IP stack to fill the buffer with the
|
|
// routing table and send it to the stack.
|
|
//
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp =
|
|
IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_QUERY_INFORMATION_EX,
|
|
pDeviceObject,
|
|
(PVOID )&QueryBuf,
|
|
sizeof(QueryBuf),
|
|
pBuffer,
|
|
ulSize,
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Build Q Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pAddress;
|
|
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status != STATUS_BUFFER_OVERFLOW)
|
|
{
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
g_statusLastAhrTcpQueryInfoExFailure = status;
|
|
}
|
|
break;
|
|
}
|
|
|
|
// The buffer didn't hold the routing table. Undo in preparation
|
|
// for another try with twice as big a buffer.
|
|
//
|
|
ulRouteCount <<= 1;
|
|
FREE_NONPAGED( pBuffer );
|
|
}
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR Q_INFO_EX=%d?", status ) );
|
|
break;
|
|
}
|
|
|
|
status = !STATUS_SUCCESS;
|
|
|
|
// Calculate how many routes were loaded into our buffer.
|
|
//
|
|
ulRouteCount = (ULONG )(iosb.Information / sizeof(IPRouteEntry));
|
|
|
|
// Walk the route table looking for the "best route" that will be used
|
|
// to route packets to the peer, i.e. the one with the highest
|
|
// priority metric, and within that, the highest class address mask.
|
|
//
|
|
pBestRoute = NULL;
|
|
ulBestMask = 0;
|
|
ulBestMetric = (ULONG )-1;
|
|
|
|
for (i = 0, pRouteEntry = pBuffer;
|
|
i < ulRouteCount;
|
|
++i, ++pRouteEntry)
|
|
{
|
|
if (pRouteEntry->ire_dest == (ulIpAddress & pRouteEntry->ire_mask))
|
|
{
|
|
// Found a route that applies to peer's IP address.
|
|
//
|
|
if (!pBestRoute
|
|
|| (ulBestMask == pRouteEntry->ire_mask)
|
|
&& (pRouteEntry->ire_metric1 < ulBestMetric))
|
|
{
|
|
// The route has a lower (higher priority) metric than
|
|
// anything found so far.
|
|
//
|
|
pBestRoute = pRouteEntry;
|
|
ulBestMask = pRouteEntry->ire_mask;
|
|
ulBestMetric = pRouteEntry->ire_metric1;
|
|
continue;
|
|
}
|
|
|
|
if (ntohl( pRouteEntry->ire_mask ) > ntohl( ulBestMask ))
|
|
{
|
|
// The route has a higher address class mask than anything
|
|
// found so far.
|
|
//
|
|
pBestRoute = pRouteEntry;
|
|
ulBestMask = pRouteEntry->ire_mask;
|
|
ulBestMetric = pRouteEntry->ire_metric1;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (pBestRoute)
|
|
{
|
|
// Found the route that will be used to route peer's address.
|
|
//
|
|
if (pBestRoute->ire_dest == ulIpAddress
|
|
&& pBestRoute->ire_mask == 0xFFFFFFFF)
|
|
{
|
|
// The host route already exists.
|
|
//
|
|
if (pTdix->hre == HRE_Use)
|
|
{
|
|
TRACE( TL_I, TM_Tdi, ( "Route exists (use as is)" ) );
|
|
status = STATUS_SUCCESS;
|
|
fUsedNonL2tpRoute = TRUE;
|
|
break;
|
|
}
|
|
else if (pTdix->hre == HRE_Fail)
|
|
{
|
|
TRACE( TL_I, TM_Tdi, ( "Route exists (fail)" ) );
|
|
break;
|
|
}
|
|
|
|
// If we reach here then we are in HRE_Reference mode, so drop
|
|
// thru and re-add the route so it's reference in the IP stack
|
|
// will be incremented.
|
|
}
|
|
|
|
pTdixRoute->InterfaceIndex = pBestRoute->ire_index;
|
|
|
|
#if ROUTEWITHREF
|
|
// Allocate a buffer to hold our request to add a new route.
|
|
//
|
|
ulSize = sizeof(IPRouteEntry);
|
|
pBuffer2 = ALLOC_NONPAGED( ulSize, MTAG_ROUTESET );
|
|
if (!pBuffer2)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc SI?" ) );
|
|
break;
|
|
}
|
|
|
|
// Fill in the request buffer with the information about the new
|
|
// specific route. The best route is used as a template.
|
|
//
|
|
pNewRouteEntry = (IPRouteEntry* )pBuffer2;
|
|
NdisMoveMemory( pNewRouteEntry, pBestRoute, sizeof(IPRouteEntry) );
|
|
|
|
pNewRouteEntry->ire_dest = ulIpAddress;
|
|
pNewRouteEntry->ire_mask = 0xFFFFFFFF;
|
|
|
|
// Check DIRECT/INDIRECT only if this is not a host route
|
|
if(pBestRoute->ire_mask != 0xFFFFFFFF)
|
|
{
|
|
if ((pBestRoute->ire_nexthop & pBestRoute->ire_mask)
|
|
== (ulIpAddress & pBestRoute->ire_mask))
|
|
{
|
|
pNewRouteEntry->ire_type = IRE_TYPE_DIRECT;
|
|
}
|
|
else
|
|
{
|
|
pNewRouteEntry->ire_type = IRE_TYPE_INDIRECT;
|
|
}
|
|
}
|
|
pNewRouteEntry->ire_proto = IRE_PROTO_NETMGMT;
|
|
|
|
pIpDeviceObject =
|
|
IoGetRelatedDeviceObject( pTdix->pIpStackAddress );
|
|
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp =
|
|
IoBuildDeviceIoControlRequest(
|
|
IOCTL_IP_SET_ROUTEWITHREF,
|
|
pIpDeviceObject,
|
|
pNewRouteEntry,
|
|
ulSize,
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Build S Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pIpStackAddress;
|
|
|
|
// Send the request to the IP stack.
|
|
//
|
|
status = IoCallDriver( pIpDeviceObject, pIrp );
|
|
#else
|
|
// Allocate a buffer to hold our request to add a new route.
|
|
//
|
|
ulSize =
|
|
sizeof(TCP_REQUEST_SET_INFORMATION_EX) + sizeof(IPRouteEntry);
|
|
pBuffer2 = ALLOC_NONPAGED( ulSize, MTAG_ROUTESET );
|
|
if (!pBuffer2)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc SI?" ) );
|
|
break;
|
|
}
|
|
|
|
// Fill in the request buffer with the information about the new
|
|
// specific route. The best route is used as a template.
|
|
//
|
|
pSetBuf = (TCP_REQUEST_SET_INFORMATION_EX* )pBuffer2;
|
|
NdisZeroMemory( pSetBuf, ulSize );
|
|
|
|
pSetBuf->ID.toi_entity.tei_entity = CL_NL_ENTITY;
|
|
pSetBuf->ID.toi_entity.tei_instance = 0;
|
|
pSetBuf->ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
pSetBuf->ID.toi_type = INFO_TYPE_PROVIDER;
|
|
pSetBuf->ID.toi_id = IP_MIB_RTTABLE_ENTRY_ID;
|
|
pSetBuf->BufferSize = sizeof(IPRouteEntry);
|
|
|
|
pNewRouteEntry = (IPRouteEntry* )&pSetBuf->Buffer[ 0 ];
|
|
NdisMoveMemory( pNewRouteEntry, pBestRoute, sizeof(IPRouteEntry) );
|
|
|
|
pNewRouteEntry->ire_dest = ulIpAddress;
|
|
pNewRouteEntry->ire_mask = 0xFFFFFFFF;
|
|
|
|
// Check DIRECT/INDIRECT only if this is not a host route
|
|
if(pBestRoute->ire_mask != 0xFFFFFFFF)
|
|
{
|
|
if ((pBestRoute->ire_nexthop & pBestRoute->ire_mask)
|
|
== (ulIpAddress & pBestRoute->ire_mask))
|
|
{
|
|
pNewRouteEntry->ire_type = IRE_TYPE_DIRECT;
|
|
}
|
|
else
|
|
{
|
|
pNewRouteEntry->ire_type = IRE_TYPE_INDIRECT;
|
|
}
|
|
}
|
|
pNewRouteEntry->ire_proto = IRE_PROTO_NETMGMT;
|
|
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp =
|
|
IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_SET_INFORMATION_EX,
|
|
pDeviceObject,
|
|
pSetBuf,
|
|
ulSize,
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Build S Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pAddress;
|
|
|
|
// Send the request to the IP stack.
|
|
//
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
#endif
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR SET_ROUTE=$%08x?", status ) );
|
|
g_statusLastAhrSetRouteFailure = status;
|
|
break;
|
|
}
|
|
|
|
TRACE( TL_N, TM_Tdi,
|
|
( "Add host route %d.%d.%d.%d type %d nexthop %d.%d.%d.%d index %d",
|
|
IPADDRTRACE( pNewRouteEntry->ire_dest ),
|
|
pNewRouteEntry->ire_type,
|
|
IPADDRTRACE( pNewRouteEntry->ire_nexthop ),
|
|
pNewRouteEntry->ire_index ) );
|
|
}
|
|
else
|
|
{
|
|
++g_ulNoBestRoute;
|
|
TRACE( TL_A, TM_Tdi, ( "No best route for $%08x?", ulIpAddress ) );
|
|
break;
|
|
}
|
|
}
|
|
while (FALSE);
|
|
|
|
if (pBuffer)
|
|
{
|
|
FREE_NONPAGED( pBuffer );
|
|
}
|
|
|
|
if (pBuffer2)
|
|
{
|
|
FREE_NONPAGED( pBuffer2 );
|
|
}
|
|
|
|
// Update the route context.
|
|
//
|
|
{
|
|
BOOLEAN fDoClose;
|
|
LONG lRef;
|
|
|
|
fDoClose = FALSE;
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
pTdixRoute->fUsedNonL2tpRoute = fUsedNonL2tpRoute;
|
|
|
|
if (status == STATUS_SUCCESS)
|
|
{
|
|
++g_ulTdixAddHostRouteSuccesses;
|
|
pTdixRoute->fPending = FALSE;
|
|
}
|
|
else
|
|
{
|
|
++g_ulTdixAddHostRouteFailures;
|
|
RemoveEntryList( &pTdixRoute->linkRoutes );
|
|
lRef = --pTdix->lRef;
|
|
TRACE( TL_A, TM_Tdi, ( "TdixAHR fail, refs=%d", lRef ) );
|
|
if (lRef <= 0)
|
|
{
|
|
fDoClose = TRUE;
|
|
}
|
|
FREE_TDIXROUTE( pTdxi, pTdixRoute );
|
|
pTdixRoute = NULL;
|
|
}
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (fDoClose)
|
|
{
|
|
TdixDoClose( pTdix );
|
|
}
|
|
}
|
|
|
|
#if 0
|
|
if ((status == STATUS_SUCCESS) &&
|
|
(pTdix->mediatype == TMT_Udp)) {
|
|
|
|
do {
|
|
UNICODE_STRING uniDevice;
|
|
UNICODE_STRING uniProtocolNumber;
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
|
|
// Create an address object that we can send across. If we have udp xsums
|
|
// disabled we will need to create two address objects, one for control
|
|
// and one for payload. This allows payload specific features to be
|
|
// implemented.
|
|
//
|
|
uniDevice.Buffer = DD_UDP_DEVICE_NAME;
|
|
uniDevice.Length = sizeof(DD_UDP_DEVICE_NAME) - sizeof(WCHAR);
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
|
|
if(sPort != 0)
|
|
{
|
|
pTdixRoute->sPort = sPort;
|
|
}
|
|
else
|
|
{
|
|
pTdixRoute->sPort = (SHORT)(htons(L2TP_UdpPort));
|
|
}
|
|
|
|
TdixIpAddress.sUdpPort = (SHORT)(htons(L2TP_UdpPort));
|
|
|
|
TRACE( TL_A, TM_Tdi, ( "sPort for $%08x set to %d",
|
|
ulIpAddress, (UINT) ntohs(pTdixRoute->sPort ) ));
|
|
|
|
// Build the UDP device name as a counted string.
|
|
//
|
|
status = TdixOpenIpAddress(&uniDevice,
|
|
&TdixIpAddress,
|
|
&pTdixRoute->hCtrlAddr,
|
|
&pTdixRoute->pCtrlAddr );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR OpenCtrlAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Associate a particular "send" IP interface index with the address
|
|
// object, so that if that interface disappears traffic will not be
|
|
// "re-routed" often back into the tunnel producing disastrous
|
|
// looping.
|
|
//
|
|
status = TdixConnectAddrInterface(pTdixRoute->pCtrlAddr,
|
|
pTdixRoute->hCtrlAddr,
|
|
pTdixRoute);
|
|
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR ConnectCtrlAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
|
|
// If udp xsums are disabled we need to create another address object.
|
|
// We will set this object to disable udp xsums and then use it to
|
|
// send payload data.
|
|
//
|
|
// If udp xsums are enabled we can use the same address object for
|
|
// payloads that we use for contrl frames.
|
|
//
|
|
if (pTdix->ulFlags & TDIXF_DisableUdpXsums)
|
|
{
|
|
TDIXIPADDRESS TdixIpAddress;
|
|
|
|
NdisZeroMemory(&TdixIpAddress, sizeof(TdixIpAddress));
|
|
TdixIpAddress.sUdpPort = (SHORT)(htons(L2TP_UdpPort));
|
|
|
|
// Open the address object
|
|
//
|
|
status = TdixOpenIpAddress(&uniDevice,
|
|
&TdixIpAddress,
|
|
&pTdixRoute->hPayloadAddr,
|
|
&pTdixRoute->pPayloadAddr );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR OpenPayloadAddr=%x?", status ) );
|
|
pTdixRoute->hPayloadAddr = NULL;
|
|
break;
|
|
}
|
|
|
|
pTdixRoute->fUsePayloadAddr = TRUE;
|
|
|
|
TdixDisableUdpChecksums( pTdixRoute->pPayloadAddr );
|
|
|
|
// Associate a particular "send" IP interface index with the address
|
|
// object, so that if that interface disappears traffic will not be
|
|
// "re-routed" often back into the tunnel producing disastrous
|
|
// looping.
|
|
//
|
|
status = TdixConnectAddrInterface(pTdixRoute->pPayloadAddr,
|
|
pTdixRoute->hPayloadAddr,
|
|
pTdixRoute );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "AHR ConnectPayloadAddr=%x?", status ) );
|
|
break;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
pTdixRoute->hPayloadAddr = pTdixRoute->hCtrlAddr;
|
|
pTdixRoute->pPayloadAddr = pTdixRoute->pCtrlAddr;
|
|
|
|
TRACE( TL_I, TM_Tdi, ( "AHR Ctrl==Payload") );
|
|
}
|
|
|
|
} while ( FALSE );
|
|
|
|
if (status != STATUS_SUCCESS) {
|
|
|
|
TdixDeleteHostRoute(pTdix, ulIpAddress);
|
|
|
|
pTdixRoute = NULL;
|
|
}
|
|
}
|
|
|
|
#endif
|
|
|
|
return (pTdixRoute);
|
|
}
|
|
|
|
|
|
VOID
|
|
TdixDeleteHostRoute(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress)
|
|
|
|
// Deletes the host route added for network byte-ordered IP address
|
|
// 'ulIpAddress'. 'PTdix' is caller's TDI extension context.
|
|
//
|
|
// Note: This routine borrows heavily from PPTP.
|
|
//
|
|
{
|
|
TCP_REQUEST_QUERY_INFORMATION_EX QueryBuf;
|
|
TCP_REQUEST_SET_INFORMATION_EX *pSetBuf;
|
|
VOID* pBuffer2;
|
|
PIO_STACK_LOCATION pIrpSp;
|
|
PDEVICE_OBJECT pDeviceObject;
|
|
PDEVICE_OBJECT pIpDeviceObject;
|
|
UCHAR context[ CONTEXT_SIZE ];
|
|
NTSTATUS status;
|
|
PIRP pIrp;
|
|
IO_STATUS_BLOCK iosb;
|
|
IPRouteEntry* pBuffer;
|
|
IPRouteEntry* pRouteEntry;
|
|
IPRouteEntry* pNewRouteEntry;
|
|
ULONG ulRouteCount;
|
|
ULONG ulSize;
|
|
ULONG i;
|
|
TDIXROUTE* pTdixRoute;
|
|
BOOLEAN fPending;
|
|
BOOLEAN fDoDelete;
|
|
KEVENT event;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixDeleteHostRoute(%d.%d.%d.%d)",
|
|
IPADDRTRACE( ulIpAddress ) ) );
|
|
|
|
if (!ulIpAddress)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "!IP?" ) );
|
|
return;
|
|
}
|
|
|
|
// Host routes are referenced since more than one tunnel to the same peer
|
|
// (allowed by L2TP) shares the same system route. First, see if this is
|
|
// just a dereference or the final deletion of the system host route.
|
|
//
|
|
for (;;)
|
|
{
|
|
fDoDelete = FALSE;
|
|
fPending = FALSE;
|
|
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
do
|
|
{
|
|
// These asserts hold because we never delete routes we didn't
|
|
// add, and since the route we added holds a TDIX reference, TDIX
|
|
// cannot be opening or closing.
|
|
//
|
|
ASSERT( pTdix->lRef > 0 );
|
|
ASSERT( !(ReadFlags( &pTdix->ulFlags) & TDIXF_Pending) );
|
|
|
|
pTdixRoute = TdixRouteFromIpAddress( pTdix, ulIpAddress );
|
|
if (pTdixRoute)
|
|
{
|
|
// Route exists. Remove a reference.
|
|
//
|
|
fPending = pTdixRoute->fPending;
|
|
if (!fPending)
|
|
{
|
|
if (--pTdixRoute->lRef <= 0)
|
|
{
|
|
// Last "add" reference has been removed so call the
|
|
// IOCTLs to delete the system route.
|
|
//
|
|
pTdixRoute->fPending = TRUE;
|
|
fDoDelete = TRUE;
|
|
}
|
|
}
|
|
}
|
|
DBG_else
|
|
{
|
|
ASSERT( FALSE );
|
|
}
|
|
}
|
|
while (FALSE);
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (fDoDelete)
|
|
{
|
|
// This is the last reference, so go on and issue the IOCTLs to
|
|
// delete the system host route.
|
|
//
|
|
break;
|
|
}
|
|
|
|
if (!fPending)
|
|
{
|
|
// Just remove a reference.
|
|
//
|
|
return;
|
|
}
|
|
|
|
// An operation is already pending. Give it some time to finish then
|
|
// check again.
|
|
//
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(del)" ) );
|
|
NdisMSleep( 100000 );
|
|
TRACE( TL_I, TM_Tdi, ( "NdisMSleep(del)" ) );
|
|
}
|
|
|
|
pBuffer = NULL;
|
|
|
|
do
|
|
{
|
|
if (pTdixRoute->fUsedNonL2tpRoute)
|
|
{
|
|
// Used a route we didn't add so don't delete it either.
|
|
//
|
|
status = STATUS_SUCCESS;
|
|
break;
|
|
}
|
|
|
|
// Get the routing table from the IP stack. This make take a few
|
|
// iterations since the size of the buffer required is not known. Set
|
|
// up the static request information first.
|
|
//
|
|
QueryBuf.ID.toi_entity.tei_entity = CL_NL_ENTITY;
|
|
QueryBuf.ID.toi_entity.tei_instance = 0;
|
|
QueryBuf.ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
QueryBuf.ID.toi_type = INFO_TYPE_PROVIDER;
|
|
pDeviceObject = IoGetRelatedDeviceObject( pTdix->pAddress );
|
|
|
|
status = !STATUS_SUCCESS;
|
|
ulRouteCount = 20;
|
|
for (;;)
|
|
{
|
|
// Allocate a buffer big enough for 'ulRouteCount' routes.
|
|
//
|
|
ulSize = sizeof(IPRouteEntry) * ulRouteCount;
|
|
QueryBuf.ID.toi_id = IP_MIB_RTTABLE_ENTRY_ID;
|
|
NdisZeroMemory( &QueryBuf.Context, CONTEXT_SIZE );
|
|
|
|
pBuffer = (IPRouteEntry* )ALLOC_NONPAGED( ulSize, MTAG_ROUTEQUERY );
|
|
if (!pBuffer)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Alloc RQ?" ) );
|
|
break;
|
|
}
|
|
|
|
// Set up a request to the IP stack to fill the buffer with the
|
|
// routing table and send it to the stack.
|
|
//
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_QUERY_INFORMATION_EX,
|
|
pDeviceObject,
|
|
(PVOID )&QueryBuf,
|
|
sizeof(QueryBuf),
|
|
pBuffer,
|
|
ulSize,
|
|
FALSE,
|
|
&event,
|
|
&iosb );
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TCP_QI Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pAddress;
|
|
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status != STATUS_BUFFER_OVERFLOW)
|
|
{
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "DHR Q_INFO_EX=%d?", status ) );
|
|
g_statusLastDhrTcpQueryInfoExFailure = status;
|
|
}
|
|
break;
|
|
}
|
|
|
|
// The buffer didn't hold the routing table. Undo in preparation for
|
|
// another try with twice as big a buffer.
|
|
//
|
|
ulRouteCount <<= 1;
|
|
FREE_NONPAGED( pBuffer );
|
|
}
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Calculate how many routes were loaded into our buffer.
|
|
//
|
|
ulRouteCount = (ULONG )(iosb.Information / sizeof(IPRouteEntry));
|
|
|
|
// Walk the route table looking for the route we added in
|
|
// TdixAddHostRoute.
|
|
//
|
|
status = !STATUS_SUCCESS;
|
|
pBuffer2 = NULL;
|
|
for (i = 0, pRouteEntry = pBuffer;
|
|
i < ulRouteCount;
|
|
++i, ++pRouteEntry)
|
|
{
|
|
if (pRouteEntry->ire_dest == ulIpAddress
|
|
&& pRouteEntry->ire_proto == IRE_PROTO_NETMGMT)
|
|
{
|
|
#if ROUTEWITHREF
|
|
// Found the added route. Allocate a buffer to hold our
|
|
// request to delete the route.
|
|
//
|
|
ulSize = sizeof(IPRouteEntry);
|
|
pBuffer2 = ALLOC_NONPAGED( ulSize, MTAG_ROUTESET );
|
|
if (!pBuffer2)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "!pBuffer2" ) );
|
|
break;
|
|
}
|
|
|
|
// Use the found route as a template for the route entry
|
|
// marked for deletion.
|
|
//
|
|
pNewRouteEntry = (IPRouteEntry* )pBuffer2;
|
|
NdisMoveMemory(
|
|
pNewRouteEntry, pRouteEntry, sizeof(IPRouteEntry) );
|
|
pNewRouteEntry->ire_type = IRE_TYPE_INVALID;
|
|
|
|
pIpDeviceObject =
|
|
IoGetRelatedDeviceObject( pTdix->pIpStackAddress );
|
|
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = IoBuildDeviceIoControlRequest(
|
|
IOCTL_IP_SET_ROUTEWITHREF,
|
|
pIpDeviceObject,
|
|
pNewRouteEntry,
|
|
ulSize,
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TCP_SI Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pIpStackAddress;
|
|
|
|
// Send the request to the IP stack.
|
|
//
|
|
status = IoCallDriver( pIpDeviceObject, pIrp );
|
|
#else
|
|
// Found the added route. Allocate a buffer to hold our
|
|
// request to delete the route.
|
|
//
|
|
ulSize = sizeof(TCP_REQUEST_SET_INFORMATION_EX)
|
|
+ sizeof(IPRouteEntry);
|
|
pBuffer2 = ALLOC_NONPAGED( ulSize, MTAG_ROUTESET );
|
|
if (!pBuffer2)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "!pSetBuf" ) );
|
|
break;
|
|
}
|
|
|
|
// Fill in the request buffer with static information about
|
|
// changing routes.
|
|
//
|
|
pSetBuf = (TCP_REQUEST_SET_INFORMATION_EX *)pBuffer2;
|
|
NdisZeroMemory( pSetBuf, ulSize );
|
|
|
|
pSetBuf->ID.toi_entity.tei_entity = CL_NL_ENTITY;
|
|
pSetBuf->ID.toi_entity.tei_instance = 0;
|
|
pSetBuf->ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
pSetBuf->ID.toi_type = INFO_TYPE_PROVIDER;
|
|
pSetBuf->ID.toi_id = IP_MIB_RTTABLE_ENTRY_ID;
|
|
pSetBuf->BufferSize = sizeof(IPRouteEntry);
|
|
|
|
// Use the found route as a template for the route entry marked
|
|
// for deletion.
|
|
//
|
|
pNewRouteEntry = (IPRouteEntry* )&pSetBuf->Buffer[ 0 ];
|
|
NdisMoveMemory(
|
|
pNewRouteEntry, pRouteEntry, sizeof(IPRouteEntry) );
|
|
pNewRouteEntry->ire_type = IRE_TYPE_INVALID;
|
|
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_SET_INFORMATION_EX,
|
|
pDeviceObject,
|
|
pSetBuf,
|
|
ulSize,
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TCP_SI Irp?" ) );
|
|
break;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pAddress;
|
|
|
|
// Send the request to the IP stack.
|
|
//
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
#endif
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "DHR SET_ROUTE=%d?", status ) );
|
|
g_statusLastDhrSetRouteFailure = status;
|
|
break;
|
|
}
|
|
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (pBuffer2)
|
|
{
|
|
FREE_NONPAGED( pBuffer2 );
|
|
}
|
|
|
|
TRACE( TL_V, TM_Tdi, ( "TdixDeleteHostRoute done" ) );
|
|
}
|
|
while (FALSE);
|
|
|
|
if (pBuffer)
|
|
{
|
|
FREE_NONPAGED( pBuffer );
|
|
}
|
|
|
|
if (pTdixRoute->fUsePayloadAddr) {
|
|
|
|
ASSERT(pTdixRoute->hPayloadAddr != NULL);
|
|
|
|
ObDereferenceObject( pTdixRoute->pPayloadAddr );
|
|
|
|
// Close the payload address object
|
|
//
|
|
ZwClose(pTdixRoute->hPayloadAddr);
|
|
pTdixRoute->hPayloadAddr = NULL;
|
|
pTdixRoute->fUsePayloadAddr = FALSE;
|
|
}
|
|
|
|
if (pTdixRoute->hCtrlAddr != NULL) {
|
|
|
|
// Close the Ctrl address object
|
|
//
|
|
ObDereferenceObject( pTdixRoute->pCtrlAddr );
|
|
ZwClose (pTdixRoute->hCtrlAddr);
|
|
pTdixRoute->hCtrlAddr = NULL;
|
|
}
|
|
|
|
// Remove the route context effectively unpending the operation.
|
|
//
|
|
{
|
|
BOOLEAN fDoClose;
|
|
LONG lRef;
|
|
|
|
fDoClose = FALSE;
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
if (status == STATUS_SUCCESS)
|
|
{
|
|
++g_ulTdixDeleteHostRouteSuccesses;
|
|
}
|
|
else
|
|
{
|
|
++g_ulTdixDeleteHostRouteFailures;
|
|
}
|
|
|
|
ASSERT( pTdixRoute->lRef == 0 );
|
|
RemoveEntryList( &pTdixRoute->linkRoutes );
|
|
|
|
lRef = --pTdix->lRef;
|
|
TRACE( TL_N, TM_Tdi, ( "TdixDHR, refs=%d", lRef ) );
|
|
if (lRef == 0)
|
|
{
|
|
fDoClose = TRUE;
|
|
}
|
|
|
|
FREE_TDIXROUTE( pTdix, pTdixRoute );
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
|
|
if (fDoClose)
|
|
{
|
|
TdixDoClose( pTdix );
|
|
}
|
|
}
|
|
}
|
|
|
|
NTSTATUS
|
|
TdixGetInterfaceInfo(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress,
|
|
OUT PULONG pulSpeed)
|
|
{
|
|
TCP_REQUEST_QUERY_INFORMATION_EX QueryBuf;
|
|
PDEVICE_OBJECT pDeviceObject;
|
|
NTSTATUS status;
|
|
PIRP pIrp;
|
|
PIO_STACK_LOCATION pIrpSp;
|
|
IO_STATUS_BLOCK iosb;
|
|
UCHAR pBuffer[256];
|
|
KEVENT event;
|
|
IPInterfaceInfo* pInterfaceInfo;
|
|
|
|
// Get the routing table from the IP stack. This make take a few
|
|
// iterations since the size of the buffer required is not known. Set
|
|
// up the static request information first.
|
|
//
|
|
QueryBuf.ID.toi_entity.tei_entity = CL_NL_ENTITY;
|
|
QueryBuf.ID.toi_entity.tei_instance = 0;
|
|
QueryBuf.ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
QueryBuf.ID.toi_type = INFO_TYPE_PROVIDER;
|
|
QueryBuf.ID.toi_id = IP_INTFC_INFO_ID;
|
|
*(ULONG *)QueryBuf.Context = ulIpAddress;
|
|
|
|
pDeviceObject = IoGetRelatedDeviceObject( pTdix->pAddress );
|
|
|
|
// Set up a request to the IP stack to fill the buffer with the
|
|
// routing table and send it to the stack.
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp =
|
|
IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_QUERY_INFORMATION_EX,
|
|
pDeviceObject,
|
|
(PVOID )&QueryBuf,
|
|
sizeof(QueryBuf),
|
|
pBuffer,
|
|
sizeof(pBuffer),
|
|
FALSE,
|
|
&event,
|
|
&iosb);
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "Build Q Irp?" ) );
|
|
return NDIS_STATUS_RESOURCES;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pTdix->pAddress;
|
|
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status == STATUS_SUCCESS)
|
|
{
|
|
*pulSpeed = ((IPInterfaceInfo *)pBuffer)->iii_speed;
|
|
}
|
|
|
|
return status;
|
|
}
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// Local utility routines (alphabetically)
|
|
//-----------------------------------------------------------------------------
|
|
|
|
NTSTATUS
|
|
TdixSetTdiAOOption(
|
|
IN FILE_OBJECT* pAddress,
|
|
IN ULONG ulOption,
|
|
IN ULONG ulValue)
|
|
|
|
// Turn off UDP checksums on open UDP address object 'pAddress'.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
PDEVICE_OBJECT pDeviceObject;
|
|
PIO_STACK_LOCATION pIrpSp;
|
|
IO_STATUS_BLOCK iosb;
|
|
PIRP pIrp;
|
|
TCP_REQUEST_SET_INFORMATION_EX* pInfo;
|
|
CHAR achBuf[ sizeof(*pInfo) + sizeof(ULONG) ];
|
|
|
|
pInfo = (TCP_REQUEST_SET_INFORMATION_EX* )achBuf;
|
|
pInfo->ID.toi_entity.tei_entity = CL_TL_ENTITY;
|
|
pInfo->ID.toi_entity.tei_instance = 0;
|
|
pInfo->ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
pInfo->ID.toi_type = INFO_TYPE_ADDRESS_OBJECT;
|
|
pInfo->ID.toi_id = ulOption;
|
|
|
|
NdisMoveMemory( pInfo->Buffer, &ulValue, sizeof(ulValue) );
|
|
pInfo->BufferSize = sizeof(ulValue);
|
|
|
|
pDeviceObject = IoGetRelatedDeviceObject( pAddress );
|
|
|
|
pIrp = IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_WSH_SET_INFORMATION_EX,
|
|
pDeviceObject,
|
|
(PVOID )pInfo,
|
|
sizeof(*pInfo) + sizeof(ulValue),
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
NULL,
|
|
&iosb );
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TdixSetTdiAOOption Irp?" ) );
|
|
return NDIS_STATUS_RESOURCES;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pAddress;
|
|
|
|
status = IoCallDriver( pDeviceObject, pIrp );
|
|
|
|
if(NT_SUCCESS(status))
|
|
{
|
|
status = iosb.Status;
|
|
}
|
|
|
|
return status;
|
|
}
|
|
|
|
|
|
VOID
|
|
TdixDisableUdpChecksums(
|
|
IN FILE_OBJECT* pAddress )
|
|
|
|
// Turn off UDP checksums on open UDP address object 'pAddress'.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
|
|
status = TdixSetTdiAOOption(pAddress, AO_OPTION_XSUM, FALSE);
|
|
|
|
TRACE( TL_I, TM_Tdi, ( "Disable XSUMs($%p)=$%08x",
|
|
pAddress, status ) );
|
|
}
|
|
|
|
VOID
|
|
TdixEnableIpPktInfo(
|
|
IN FILE_OBJECT* pAddress )
|
|
|
|
// Turn on IP_PKTINFO on open UDP address object 'pAddress'.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
|
|
status = TdixSetTdiAOOption(pAddress, AO_OPTION_IP_PKTINFO, TRUE);
|
|
|
|
TRACE( TL_I, TM_Tdi, ( "Enable IP_PKTINFO ($%p)=$%08x",
|
|
pAddress, status ) );
|
|
}
|
|
|
|
VOID
|
|
TdixDoClose(
|
|
TDIXCONTEXT* pTdix )
|
|
|
|
// Called when 'pTdix->lRef' reaches 0 to close down the TDI session.
|
|
// 'PTdix' is the transport context for the session.
|
|
//
|
|
{
|
|
TRACE( TL_N, TM_Tdi, ( "TdixDoClose" ) );
|
|
|
|
if (pTdix->pAddress)
|
|
{
|
|
// Install a NULL handler, effectively uninstalling.
|
|
//
|
|
TdixInstallEventHandler( pTdix->pAddress,
|
|
TDI_EVENT_RECEIVE_DATAGRAM, NULL, pTdix );
|
|
|
|
ObDereferenceObject( pTdix->pAddress );
|
|
pTdix->pAddress = NULL;
|
|
|
|
// If have a valid transport address, the lookaside lists were also
|
|
// initialized.
|
|
//
|
|
NdisDeleteNPagedLookasideList( &pTdix->llistRdg );
|
|
NdisDeleteNPagedLookasideList( &pTdix->llistSdg );
|
|
}
|
|
|
|
if (pTdix->hAddress)
|
|
{
|
|
ZwClose( pTdix->hAddress );
|
|
pTdix->hAddress = NULL;
|
|
}
|
|
|
|
#if ROUTEWITHREF
|
|
if (pTdix->hIpStackAddress)
|
|
{
|
|
ZwClose( pTdix->hIpStackAddress );
|
|
pTdix->hIpStackAddress = NULL;
|
|
}
|
|
#endif
|
|
|
|
if (pTdix->pIpStackAddress)
|
|
{
|
|
ObDereferenceObject( pTdix->pIpStackAddress );
|
|
pTdix->pIpStackAddress = NULL;
|
|
}
|
|
|
|
// Mark the operation complete.
|
|
//
|
|
NdisAcquireSpinLock( &pTdix->lock );
|
|
{
|
|
ASSERT( pTdix->lRef == 0 );
|
|
ClearFlags( &pTdix->ulFlags, TDIXF_Pending );
|
|
}
|
|
NdisReleaseSpinLock( &pTdix->lock );
|
|
}
|
|
|
|
VOID
|
|
TdixExtractAddress(
|
|
IN TDIXCONTEXT* pTdix,
|
|
OUT TDIXRDGINFO* pRdg,
|
|
IN VOID* pTransportAddress,
|
|
IN LONG lTransportAddressLen,
|
|
IN VOID* Options,
|
|
IN LONG OptionsLength)
|
|
// Fills callers '*pAddress' with the useful part of the transport address
|
|
// 'pTransportAddress' of length 'lTransportAddressLen'. 'PTdix' is our
|
|
// context.
|
|
//
|
|
{
|
|
TDIXIPADDRESS* pAddress = &pRdg->source;
|
|
TA_IP_ADDRESS* pTAddress = (TA_IP_ADDRESS* )pTransportAddress;
|
|
|
|
ASSERT( lTransportAddressLen == sizeof(TA_IP_ADDRESS) );
|
|
ASSERT( pTAddress->TAAddressCount == 1 );
|
|
ASSERT( pTAddress->Address[ 0 ].AddressType == TDI_ADDRESS_TYPE_IP );
|
|
ASSERT( pTAddress->Address[ 0 ].AddressLength == TDI_ADDRESS_LENGTH_IP );
|
|
|
|
// source address
|
|
pAddress->ulIpAddress = pTAddress->Address[ 0 ].Address[ 0 ].in_addr;
|
|
pAddress->sUdpPort = pTAddress->Address[ 0 ].Address[ 0 ].sin_port;
|
|
|
|
// dest address
|
|
if(Options)
|
|
{
|
|
IN_PKTINFO* pktinfo = (IN_PKTINFO*)TDI_CMSG_DATA(Options);
|
|
|
|
ASSERT(((PTDI_CMSGHDR)Options)->cmsg_type == IP_PKTINFO);
|
|
|
|
// Fill in the ancillary data object header information.
|
|
pRdg->dest.ulIpAddress = pktinfo->ipi_addr;
|
|
|
|
// Get the index of the local interface on which the packet arrived.
|
|
pRdg->dest.ifindex = pktinfo->ipi_ifindex;
|
|
}
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
TdixInstallEventHandler(
|
|
IN FILE_OBJECT* pAddress,
|
|
IN INT nEventType,
|
|
IN VOID* pfuncEventHandler,
|
|
IN VOID* pEventContext )
|
|
|
|
// Install a TDI event handler routine 'pfuncEventHandler' to be called
|
|
// when events of type 'nEventType' occur. 'PEventContext' is passed to
|
|
// the handler. 'PAddress' is the transport address object.
|
|
//
|
|
// This call must be made at PASSIVE IRQL.
|
|
//
|
|
// Returns 0 if successful or an error code.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
PIRP pIrp;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixInstallEventHandler" ) );
|
|
|
|
// Allocate a "set event" IRP with base initialization.
|
|
//
|
|
pIrp =
|
|
TdiBuildInternalDeviceControlIrp(
|
|
TDI_SET_EVENT_HANDLER,
|
|
pAddress->DeviceObject,
|
|
pAddress,
|
|
NULL,
|
|
NULL );
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TdiBuildIDCIrp?" ) );
|
|
return NDIS_STATUS_RESOURCES;
|
|
}
|
|
|
|
// Complete the "set event" IRP initialization.
|
|
//
|
|
TdiBuildSetEventHandler(
|
|
pIrp,
|
|
pAddress->DeviceObject,
|
|
pAddress,
|
|
NULL,
|
|
NULL,
|
|
nEventType,
|
|
pfuncEventHandler,
|
|
pEventContext );
|
|
|
|
// Tell the I/O manager to pass our IRP to the transport for processing.
|
|
//
|
|
status = IoCallDriver( pAddress->DeviceObject, pIrp );
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "IoCallDriver=$%08x?", status ) );
|
|
return status;
|
|
}
|
|
|
|
TRACE( TL_V, TM_Tdi, ( "TdixInstallEventHandler=0" ) );
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
TdixOpenIpAddress(
|
|
IN UNICODE_STRING* puniDevice,
|
|
IN TDIXIPADDRESS* pTdixAddr,
|
|
OUT HANDLE* phAddress,
|
|
OUT FILE_OBJECT** ppFileObject )
|
|
|
|
// Open a transport address for the IP-based protocol with name
|
|
// '*puniDevice' and port 'sPort'. 'SPort' may be 0 indicating "any"
|
|
// port. "Any" address is assumed. Loads the open address object handle
|
|
// into '*phAddress' and the referenced file object into '*ppFileObject'.
|
|
//
|
|
// Returns STATUS_SUCCESS or an error code.
|
|
//
|
|
{
|
|
NTSTATUS status;
|
|
OBJECT_ATTRIBUTES oa;
|
|
IO_STATUS_BLOCK iosb;
|
|
FILE_FULL_EA_INFORMATION *pEa;
|
|
ULONG ulEaLength;
|
|
TA_IP_ADDRESS UNALIGNED *pTaIp;
|
|
TDI_ADDRESS_IP UNALIGNED *pTdiIp;
|
|
CHAR achEa[ 100 ];
|
|
HANDLE hAddress;
|
|
FILE_OBJECT* pFileObject;
|
|
|
|
hAddress = NULL;
|
|
pFileObject = NULL;
|
|
|
|
// Initialize object attributes, a parameter needed to open the device.
|
|
//
|
|
InitializeObjectAttributes(
|
|
&oa, puniDevice, OBJ_CASE_INSENSITIVE, NULL, NULL );
|
|
|
|
// Set up the extended attribute that tells the IP stack the IP
|
|
// address/port from which we want to receive. For raw IP we say "any
|
|
// address and port" and for UDP we say "any address on the L2TP
|
|
// port". Is this an ugly structure or what?
|
|
//
|
|
ASSERT( sizeof(FILE_FULL_EA_INFORMATION)
|
|
+ TDI_TRANSPORT_ADDRESS_LENGTH + sizeof(TA_IP_ADDRESS) <= 100);
|
|
|
|
pEa = (FILE_FULL_EA_INFORMATION* )achEa;
|
|
pEa->NextEntryOffset = 0;
|
|
pEa->Flags = 0;
|
|
pEa->EaNameLength = TDI_TRANSPORT_ADDRESS_LENGTH;
|
|
pEa->EaValueLength = sizeof(TA_IP_ADDRESS);
|
|
NdisMoveMemory(
|
|
pEa->EaName, TdiTransportAddress, TDI_TRANSPORT_ADDRESS_LENGTH );
|
|
|
|
// Note: The ZwCreateFile wants the sized name to have a null
|
|
// terminator character (go figure), so add it and account for
|
|
// it with the "+ 1" below.
|
|
//
|
|
pEa->EaName[ TDI_TRANSPORT_ADDRESS_LENGTH ] = '\0';
|
|
|
|
pTaIp = (TA_IP_ADDRESS UNALIGNED* )
|
|
(pEa->EaName + TDI_TRANSPORT_ADDRESS_LENGTH + 1);
|
|
pTaIp->TAAddressCount = 1;
|
|
pTaIp->Address[ 0 ].AddressLength = TDI_ADDRESS_LENGTH_IP;
|
|
pTaIp->Address[ 0 ].AddressType = TDI_ADDRESS_TYPE_IP;
|
|
|
|
pTdiIp = &pTaIp->Address[ 0 ].Address[ 0 ];
|
|
pTdiIp->sin_port = pTdixAddr->sUdpPort;
|
|
pTdiIp->in_addr = pTdixAddr->ulIpAddress;
|
|
NdisZeroMemory( pTdiIp->sin_zero, sizeof(pTdiIp->sin_zero) );
|
|
|
|
ulEaLength = (ULONG )((CHAR* )(pTaIp + 1) - (CHAR* )pEa);
|
|
|
|
// Open the transport address.
|
|
//
|
|
status =
|
|
ZwCreateFile(
|
|
&hAddress,
|
|
FILE_READ_DATA | FILE_WRITE_DATA,
|
|
&oa,
|
|
&iosb,
|
|
NULL,
|
|
FILE_ATTRIBUTE_NORMAL,
|
|
FILE_SHARE_WRITE,
|
|
FILE_OPEN,
|
|
0,
|
|
pEa,
|
|
ulEaLength );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "ZwCreateFile(%S)=$%08x,ios=$%08x?",
|
|
puniDevice->Buffer, status, iosb.Information ) );
|
|
return status;
|
|
}
|
|
|
|
// Get the object address from the handle. This also checks our
|
|
// permissions on the object.
|
|
//
|
|
status =
|
|
ObReferenceObjectByHandle(
|
|
hAddress,
|
|
0,
|
|
NULL,
|
|
KernelMode,
|
|
&pFileObject,
|
|
NULL );
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi,
|
|
( "ObRefObjByHandle(%S)=$%08x?", puniDevice->Buffer, status ) );
|
|
ZwClose( hAddress );
|
|
return status;
|
|
}
|
|
|
|
*phAddress = hAddress;
|
|
*ppFileObject = pFileObject;
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
TdixReceiveDatagramHandler(
|
|
IN PVOID TdiEventContext,
|
|
IN LONG SourceAddressLength,
|
|
IN PVOID SourceAddress,
|
|
IN LONG OptionsLength,
|
|
IN PVOID Options,
|
|
IN ULONG ReceiveDatagramFlags,
|
|
IN ULONG BytesIndicated,
|
|
IN ULONG BytesAvailable,
|
|
OUT ULONG* BytesTaken,
|
|
IN PVOID Tsdu,
|
|
OUT PIRP* IoRequestPacket )
|
|
|
|
// Standard TDI ClientEventReceiveDatagram indication handler. See TDI
|
|
// doc. Runs at DISPATCH IRQL.
|
|
//
|
|
{
|
|
TDIXCONTEXT* pTdix;
|
|
TDIXRDGINFO* pRdg;
|
|
CHAR* pBuffer;
|
|
NDIS_BUFFER* pNdisBuffer;
|
|
PIRP pIrp;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixRecvDg, f=$%08x bi=%d, ba=%d",
|
|
ReceiveDatagramFlags, BytesIndicated, BytesAvailable ) );
|
|
|
|
|
|
if (BytesAvailable > L2TP_FrameBufferSize) {
|
|
|
|
// We received a larger datagram then expected or can handle,
|
|
// so we just ignore the datagram.
|
|
//
|
|
ASSERT( !"BytesAvailable > L2TP_FrameBufferSize?" );
|
|
*IoRequestPacket = NULL;
|
|
*BytesTaken = 0;
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
pTdix = (TDIXCONTEXT* )TdiEventContext;
|
|
|
|
// Allocate a receive pBuffer from TDIX client's pool.
|
|
//
|
|
pBuffer = GetBufferFromPool( pTdix->pPoolNdisBuffers );
|
|
if (!pBuffer)
|
|
{
|
|
// Not a whole lot we can do with this unlikely error from inside this
|
|
// handler, so we just ignore the datagram.
|
|
//
|
|
ASSERT( !"GetBfromP?" );
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
// Allocate a context for this read-datagram from our lookaside list.
|
|
//
|
|
pRdg = ALLOC_TDIXRDGINFO( pTdix );
|
|
if (pRdg)
|
|
{
|
|
// Fill in the read-datagram context with the information that won't
|
|
// otherwise be available in the completion routine.
|
|
//
|
|
pRdg->pTdix = pTdix;
|
|
pRdg->pBuffer = pBuffer;
|
|
pRdg->ulBufferLen = BytesAvailable;
|
|
|
|
// Extract the useful IP address from the more general transport
|
|
// address information.
|
|
//
|
|
|
|
TdixExtractAddress(
|
|
pTdix, pRdg, SourceAddress, SourceAddressLength, Options, OptionsLength);
|
|
}
|
|
else
|
|
{
|
|
// Not a whole lot we can do with this unlikely error from inside this
|
|
// handler, so we just ignore the datagram.
|
|
//
|
|
FreeBufferToPool( pTdix->pPoolNdisBuffers, pBuffer, TRUE );
|
|
ASSERT( !"AllocRdg?" );
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
if (BytesIndicated < BytesAvailable)
|
|
{
|
|
// The less common case where all the information is not immediately
|
|
// available. Allocate an IRP to request the data.
|
|
//
|
|
#if ALLOCATEIRPS
|
|
// Allocate the IRP directly.
|
|
//
|
|
pIrp = IoAllocateIrp(
|
|
pTdix->pAddress->DeviceObject->StackSize, FALSE );
|
|
#else
|
|
// Allocate a "receive datagram" IRP with base initialization.
|
|
//
|
|
pIrp =
|
|
TdiBuildInternalDeviceControlIrp(
|
|
TDI_RECEIVE_DATAGRAM,
|
|
pTdix->pAddress->DeviceObject,
|
|
pTdix->pAddress,
|
|
NULL,
|
|
NULL );
|
|
#endif
|
|
|
|
if (!pIrp)
|
|
{
|
|
// Not a whole lot we can do with this unlikely error from inside
|
|
// this handler, so we just ignore the datagram.
|
|
//
|
|
FreeBufferToPool( pTdix->pPoolNdisBuffers, pBuffer, TRUE );
|
|
FREE_TDIXRDGINFO( pTdix, pRdg );
|
|
ASSERT( !"Alloc IRP?" );
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
pNdisBuffer = NdisBufferFromBuffer( pBuffer );
|
|
|
|
// Complete the "receive datagram" IRP initialization.
|
|
//
|
|
TdiBuildReceiveDatagram(
|
|
pIrp,
|
|
pTdix->pAddress->DeviceObject,
|
|
pTdix->pAddress,
|
|
TdixReceiveDatagramComplete,
|
|
pRdg,
|
|
pNdisBuffer,
|
|
0,
|
|
NULL,
|
|
NULL,
|
|
0 );
|
|
|
|
// Adjust the IRP's stack location to make the transport's stack
|
|
// current. Normally IoCallDriver handles this, but this IRP doesn't
|
|
// go thru IoCallDriver. Seems like it would be the transport's job
|
|
// to make this adjustment, but IP for one doesn't seem to do it.
|
|
// There is a similar adjustment in both the redirector and PPTP.
|
|
//
|
|
IoSetNextIrpStackLocation( pIrp );
|
|
|
|
*IoRequestPacket = pIrp;
|
|
*BytesTaken = 0;
|
|
|
|
return STATUS_MORE_PROCESSING_REQUIRED;
|
|
}
|
|
else
|
|
{
|
|
// The common case where all the information is immediately available.
|
|
// Copy it to from the transport buffer and call client's completion
|
|
// handler directly. See bug 329371.
|
|
//
|
|
NdisMoveMemory( pBuffer, (CHAR* )Tsdu, BytesIndicated );
|
|
TdixReceiveDatagramComplete( NULL, NULL, pRdg );
|
|
|
|
*IoRequestPacket = NULL;
|
|
*BytesTaken = BytesIndicated;
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
// Not reached.
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
TdixReceiveDatagramComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context )
|
|
|
|
// Standard NT I/O completion routine. See DDK doc. Called with a NULL
|
|
// 'DeviceObject' and 'Irp' to complete the fast-past Irp-less receives.
|
|
//
|
|
{
|
|
TDIXRDGINFO* pRdg;
|
|
BOOLEAN fBad;
|
|
ULONG ulOffset;
|
|
|
|
pRdg = (TDIXRDGINFO* )Context;
|
|
|
|
TRACE( TL_N, TM_Tdi, ( "TdixRecvDgComp" ) );
|
|
|
|
fBad = FALSE;
|
|
ulOffset = 0;
|
|
|
|
if (pRdg->pTdix->mediatype == TMT_RawIp)
|
|
{
|
|
UCHAR uchVersion;
|
|
|
|
// The raw IP stack doesn't strip the IP header from the received
|
|
// datagram for some reason, so calculate the offset to the "real"
|
|
// data at the end of the IP header.
|
|
//
|
|
uchVersion = *((UCHAR* )pRdg->pBuffer) >> 4;
|
|
if (uchVersion == 4)
|
|
{
|
|
// Good, it's IP version 4. Find the length of the IP header,
|
|
// which can vary depending on the presence of option fields.
|
|
//
|
|
ulOffset = (*((UCHAR* )pRdg->pBuffer) & 0x0F) * sizeof(ULONG);
|
|
}
|
|
else
|
|
{
|
|
// It's not IP version 4, the only version we handle.
|
|
//
|
|
TRACE( TL_A, TM_Tdi, ( "Not IPv4? v=%d?", (ULONG )uchVersion ) );
|
|
fBad = TRUE;
|
|
}
|
|
}
|
|
|
|
if (!fBad && (!Irp || Irp->IoStatus.Status == STATUS_SUCCESS))
|
|
{
|
|
// Pass the result to the TDIX client's handler.
|
|
//
|
|
pRdg->pTdix->pReceiveHandler(
|
|
pRdg->pTdix,
|
|
pRdg,
|
|
pRdg->pBuffer,
|
|
ulOffset,
|
|
pRdg->ulBufferLen );
|
|
}
|
|
|
|
// Free the read-datagram context.
|
|
//
|
|
FREE_TDIXRDGINFO( pRdg->pTdix, pRdg );
|
|
|
|
#if ALLOCATEIRPS
|
|
// Release the IRP resources, if any, and tell the I/O manager to forget
|
|
// it existed in the standard way.
|
|
//
|
|
if (Irp)
|
|
{
|
|
IoFreeIrp( Irp );
|
|
return STATUS_MORE_PROCESSING_REQUIRED;
|
|
}
|
|
#endif
|
|
|
|
// Let the I/O manager release the IRP resources, if any.
|
|
//
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
|
|
TDIXROUTE*
|
|
TdixRouteFromIpAddress(
|
|
IN TDIXCONTEXT* pTdix,
|
|
IN ULONG ulIpAddress)
|
|
|
|
// Returns the host route context associated with IP address 'ulIpAddress'
|
|
// from the TDIX context 'pTdix's list of host routes, or NULL if none.
|
|
// 'UlIpAddress' is in network byte order.
|
|
//
|
|
// IMPORTANT: The caller must hold 'pTdix->lock'.
|
|
//
|
|
{
|
|
LIST_ENTRY* pLink;
|
|
|
|
for (pLink = pTdix->listRoutes.Flink;
|
|
pLink != &pTdix->listRoutes;
|
|
pLink = pLink->Flink)
|
|
{
|
|
TDIXROUTE* pRoute;
|
|
|
|
pRoute = CONTAINING_RECORD( pLink, TDIXROUTE, linkRoutes );
|
|
if (pRoute->ulIpAddress == ulIpAddress)
|
|
{
|
|
return pRoute;
|
|
}
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
TdixSendComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context )
|
|
|
|
// Standard NT I/O completion routine. See DDK doc.
|
|
//
|
|
{
|
|
TDIXSDGINFO* pSdg;
|
|
|
|
DBG_if (Irp->IoStatus.Status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TdixSendComp, s=$%08x?",
|
|
Irp->IoStatus.Status ) );
|
|
}
|
|
|
|
pSdg = (TDIXSDGINFO* )Context;
|
|
|
|
// Pass the result to the TDIX client's handler.
|
|
//
|
|
pSdg->pSendCompleteHandler(
|
|
pSdg->pTdix, pSdg->pContext1, pSdg->pContext2, pSdg->pBuffer );
|
|
|
|
// Free the send-complete context.
|
|
//
|
|
FREE_TDIXSDGINFO( pSdg->pTdix, pSdg );
|
|
|
|
#if ALLOCATEIRPS
|
|
// Release the IRP resources and tell the I/O manager to forget it existed
|
|
// in the standard way.
|
|
//
|
|
IoFreeIrp( Irp );
|
|
return STATUS_MORE_PROCESSING_REQUIRED;
|
|
#else
|
|
// Let the I/O manager release the IRP resources.
|
|
//
|
|
return STATUS_SUCCESS;
|
|
#endif
|
|
}
|
|
|
|
NTSTATUS
|
|
TdixSendDatagramComplete(
|
|
IN PDEVICE_OBJECT DeviceObject,
|
|
IN PIRP Irp,
|
|
IN PVOID Context )
|
|
|
|
// Standard NT I/O completion routine. See DDK doc.
|
|
//
|
|
{
|
|
TDIXSDGINFO* pSdg;
|
|
|
|
DBG_if (Irp->IoStatus.Status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "TdixSendDgComp, s=$%08x?",
|
|
Irp->IoStatus.Status ) );
|
|
}
|
|
|
|
pSdg = (TDIXSDGINFO* )Context;
|
|
|
|
// Pass the result to the TDIX client's handler.
|
|
//
|
|
pSdg->pSendCompleteHandler(
|
|
pSdg->pTdix, pSdg->pContext1, pSdg->pContext2, pSdg->pBuffer );
|
|
|
|
// Free the send-complete context.
|
|
//
|
|
FREE_TDIXSDGINFO( pSdg->pTdix, pSdg );
|
|
|
|
#if ALLOCATEIRPS
|
|
// Release the IRP resources and tell the I/O manager to forget it existed
|
|
// in the standard way.
|
|
//
|
|
IoFreeIrp( Irp );
|
|
return STATUS_MORE_PROCESSING_REQUIRED;
|
|
#else
|
|
// Let the I/O manager release the IRP resources.
|
|
//
|
|
return STATUS_SUCCESS;
|
|
#endif
|
|
}
|
|
|
|
NTSTATUS
|
|
TdixConnectAddrInterface(
|
|
FILE_OBJECT* pFileObj,
|
|
HANDLE hFileHandle,
|
|
TDIXROUTE* pTdixRoute
|
|
)
|
|
{
|
|
NTSTATUS status;
|
|
PDEVICE_OBJECT pDeviceObj;
|
|
PIO_STACK_LOCATION pIrpSp;
|
|
IO_STATUS_BLOCK iosb;
|
|
PIRP pIrp;
|
|
TCP_REQUEST_SET_INFORMATION_EX* pInfo;
|
|
CHAR achBuf[ sizeof(*pInfo) + sizeof(ULONG) ];
|
|
ULONG ulValue;
|
|
TDI_CONNECTION_INFORMATION RequestConnInfo;
|
|
KEVENT Event;
|
|
TA_IP_ADDRESS taip;
|
|
TDI_ADDRESS_IP* pTdiIp;
|
|
KEVENT event;
|
|
|
|
|
|
pDeviceObj = IoGetRelatedDeviceObject( pFileObj );
|
|
|
|
#if 0
|
|
KeInitializeEvent(&Event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = TdiBuildInternalDeviceControlIrp(TDI_ASSOCIATE_ADDRESS,
|
|
pDeviceObj,
|
|
pFileObj,
|
|
&Event,
|
|
&iosb);
|
|
|
|
if (!pIrp) {
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex Associate Irp?" ) );
|
|
return !STATUS_SUCCESS;
|
|
}
|
|
|
|
TdiBuildAssociateAddress(pIrp,
|
|
pDeviceObj,
|
|
pFileObj,
|
|
NULL,
|
|
NULL,
|
|
hFileHandle);
|
|
|
|
status = IoCallDriver( pDeviceObj, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, 0);
|
|
}
|
|
|
|
if (iosb.Status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex Associate=%x?", status ) );
|
|
return (iosb.Status);
|
|
}
|
|
#endif
|
|
|
|
pInfo = (TCP_REQUEST_SET_INFORMATION_EX* )achBuf;
|
|
pInfo->ID.toi_entity.tei_entity = CL_TL_ENTITY;
|
|
pInfo->ID.toi_entity.tei_instance = 0;
|
|
pInfo->ID.toi_class = INFO_CLASS_PROTOCOL;
|
|
pInfo->ID.toi_type = INFO_TYPE_ADDRESS_OBJECT;
|
|
pInfo->ID.toi_id = AO_OPTION_IP_UCASTIF;
|
|
|
|
ulValue = pTdixRoute->InterfaceIndex;
|
|
|
|
NdisMoveMemory( pInfo->Buffer, &ulValue, sizeof(ulValue) );
|
|
pInfo->BufferSize = sizeof(ulValue);
|
|
|
|
KeInitializeEvent(&event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = IoBuildDeviceIoControlRequest(
|
|
IOCTL_TCP_WSH_SET_INFORMATION_EX,
|
|
pDeviceObj,
|
|
(PVOID )pInfo,
|
|
sizeof(*pInfo) + sizeof(ulValue),
|
|
NULL,
|
|
0,
|
|
FALSE,
|
|
&event,
|
|
&iosb );
|
|
|
|
if (!pIrp)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex Irp?" ) );
|
|
return !STATUS_SUCCESS;
|
|
}
|
|
|
|
pIrpSp = IoGetNextIrpStackLocation( pIrp );
|
|
pIrpSp->FileObject = pFileObj;
|
|
|
|
status = IoCallDriver( pDeviceObj, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&event,
|
|
Executive,
|
|
KernelMode,
|
|
FALSE,
|
|
NULL);
|
|
status = iosb.Status;
|
|
}
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex=%x?", status ) );
|
|
return status;
|
|
}
|
|
|
|
KeInitializeEvent(&Event, SynchronizationEvent, FALSE);
|
|
|
|
pIrp = TdiBuildInternalDeviceControlIrp(TDI_CONNECT,
|
|
pDeviceObj,
|
|
pFileObj,
|
|
&Event,
|
|
&iosb);
|
|
|
|
if (!pIrp) {
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex ConnectIrp?" ) );
|
|
return !STATUS_SUCCESS;
|
|
}
|
|
|
|
// Put the destination IP address in the "connection" structure as TDI
|
|
// expects.
|
|
//
|
|
taip.TAAddressCount = 1;
|
|
taip.Address[ 0 ].AddressLength = TDI_ADDRESS_LENGTH_IP;
|
|
taip.Address[ 0 ].AddressType = TDI_ADDRESS_TYPE_IP;
|
|
|
|
pTdiIp = &taip.Address[ 0 ].Address[ 0 ];
|
|
pTdiIp->sin_port = pTdixRoute->sPort;
|
|
pTdiIp->in_addr = pTdixRoute->ulIpAddress;
|
|
NdisZeroMemory( pTdiIp->sin_zero, sizeof(pTdiIp->sin_zero) );
|
|
|
|
RequestConnInfo.Options = NULL;
|
|
RequestConnInfo.OptionsLength = 0;
|
|
RequestConnInfo.RemoteAddress = &taip;
|
|
RequestConnInfo.RemoteAddressLength = sizeof(taip);
|
|
RequestConnInfo.UserData = NULL;
|
|
RequestConnInfo.UserDataLength = 0;
|
|
|
|
TdiBuildConnect(pIrp,
|
|
pDeviceObj,
|
|
pFileObj,
|
|
NULL,
|
|
NULL,
|
|
0,
|
|
&RequestConnInfo,
|
|
NULL);
|
|
|
|
status = IoCallDriver( pDeviceObj, pIrp );
|
|
|
|
if (status == STATUS_PENDING) {
|
|
KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, 0);
|
|
}
|
|
|
|
if (iosb.Status != STATUS_SUCCESS)
|
|
{
|
|
TRACE( TL_A, TM_Tdi, ( "SetIfcIndex Connect=%x?", status ) );
|
|
return (iosb.Status);
|
|
}
|
|
|
|
return (STATUS_SUCCESS);
|
|
}
|
|
|