-
Notifications
You must be signed in to change notification settings - Fork 22
/
cLSPInstall.h
315 lines (259 loc) · 11.9 KB
/
cLSPInstall.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
/*
*
* Copyright (C) 2013 Anwar Mohamed <anwarelmakrahy[at]gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to Anwar Mohamed
* anwarelmakrahy[at]gmail.com
*
*/
#pragma once
#include "Packetyzer.h"
#ifdef _WIN32
#include <winsock2.h>
#include <ws2tcpip.h>
#include <ws2spi.h>
#include <objbase.h>
#include <stdio.h>
#include <mswsock.h>
#include <rpc.h>
#include <rpcdce.h>
#include <sporder.h>
#include <winnt.h>
#include <windows.h>
#include <strsafe.h>
#ifndef _PSDK_BLD
#include "LSPCommon\lspcommon.h"
#else
#include "LSPCommon\lspcommon.h"
#endif
#pragma comment (lib, "Ws2_32.lib")
#pragma comment (lib, "ole32.lib")
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
#define MAX(a,b) ( (a) > (b) ? (a) : (b) )
#define MIN(a,b) ( (a) < (b) ? (a) : (b) )
#define LSP_ERROR_NONE 0x0000
#define LSP_ERROR_WINSOCK 0x0001
#define LSP_ERROR_DLLPATH 0x0002
#define LSP_ERROR_MEMALLOC 0x0004
#define LSP_ERROR_WSCENUMPROT 0x0008
#define LSP_ERROR_GETLSPGUID 0x0010
#define LSP_ERROR_MULTIBYTECONVERT 0x0011
#define LSP_DEFAULT_NAME "PacketyzerLSP"
#define LAYERED_CHAIN ( BASE_PROTOCOL + 1 )
#define UPDATE_LSP_ENTRY 0
typedef INT (WSAAPI * LPWSCINSTALLPROVIDERANDCHAINS)(
LPGUID lpProviderId,
LPWSTR lpszProviderDllPath,
LPWSTR lpszLspName,
DWORD dwServiceFlags,
LPWSAPROTOCOL_INFOW lpProtocolInfoList,
DWORD dwNumberOfEntries,
LPDWORD lpdwCatalogEntryId,
LPINT lpErrno
);
// This structure is used to create the logical ordered LSP mappings
typedef struct _LSP_ENTRY
{
WCHAR wszLspDll[ MAX_PATH ]; // LSPs DLL name (and possible path)
WSAPROTOCOL_INFOW DummyEntry; // Provider entry for dummy LSP entry
BOOL OrphanedEntries; // Indicates this LSP entry contains
// only orphaned protocol chains
WSAPROTOCOL_INFOW *LayeredEntries; // All layered providers beloging to LSP
INT Count; // Number of layered providers
INT *LayerChanged; // Indicates if the entry was changed --
// Used when removing providers
GUID *LayeredGuids; // List of GUIDs the LAYERED providers
// are installed under (doesn't include
// the GUID the dummy entry is installed
// under)
INT LayeredGuidCount; // Number of GUIDs in the array
INT MaxChainLength; // Used for sorting: the longest protocol
// chain of all the layered providers
INT LspOrder; // Used for sorting: the lowest position
// within a layered entries protocol
// chain that a base provider sits
INT DependentCount; // Number of LSPs layered over this one
INT *DependentLspIndexArray; // Indices INTo LSP map of dependent LSPs
} LSP_ENTRY;
class DLLEXPORT Packetyzer::Capture::cLSPInstall
{
WSADATA wsd;
LPWSAPROTOCOL_INFOW pProtocolInfo;
LSP_ENTRY *pLspMap;
WINSOCK_CATALOG eCatalog;
INT iTotalProtocols, iLspCount, i;
DWORD *pdwCatalogIdArray, dwCatalogIdArrayCount, dwRemoveCatalogId;
BOOL bInstall, bInstallOverAll, bRemoveAllLayeredEntries, bPrintProviders,
bDisplayOnlyLayeredEntries, bVerbose, bMapLsp, bArgsOkay, bIFSProvider;
CHAR *lpszLspName , *lpszLspPathAndFile;
INT rc;
LPWSCUPDATEPROVIDER fnWscUpdateProvider, fnWscUpdateProvider32;
HMODULE gModule;
//GUID gProviderGuid;
/*
LspAdd.cpp Prototypes
*/
// Install an LSP INTo the given Winsock catalog
INT InstallLsp(
WINSOCK_CATALOG eCatalog,
__in_z char *lpszLspName,
__in_z char *lpszLspPathAndFile,
DWORD dwCatalogIdArrayCount,
DWORD *pdwCatalogIdArray,
BOOL IfsProvider,
BOOL InstallOverAll
);
// Installs one or more protocol entries INTo the given Winsock catalog under a GUID
INT InstallProvider(
WINSOCK_CATALOG Catalog,
GUID *Guid,
__in_z WCHAR *lpwszLspPath,
WSAPROTOCOL_INFOW *pProvider,
INT iProviderCount
);
INT InstallProviderVista(
WINSOCK_CATALOG eCatalog, // Which catalog to install LSP INTo
__in_z WCHAR *lpszLspName, // String name of LSP
__in_z WCHAR *lpszLspPathAndFile, // Location of LSP dll and dll name
GUID *providerGuid,
DWORD dwCatalogIdArrayCount, // Number of entries in pdwCatalogIdArray
DWORD *pdwCatalogIdArray, // Array of IDs to install over
BOOL IfsProvider,
BOOL InstallOverAll
);
// Creates the protocol entry for the hidden dummy entry which must be installed first
WSAPROTOCOL_INFOW *CreateDummyEntry(
WINSOCK_CATALOG Catalog,
INT CatalogId,
__in_z WCHAR *lpwszLspName,
BOOL IfsProvider
);
INT InstallIfsLspProtocolChains(
WINSOCK_CATALOG eCatalog,
GUID *Guid,
__in_z WCHAR *lpszLspName,
__in_z WCHAR *lpszLspFullPathAndFile,
DWORD *pdwCatalogIdArray,
DWORD dwCatalogIdArrayCount
);
INT InstallNonIfsLspProtocolChains(
WINSOCK_CATALOG eCatalog,
GUID *Guid,
__in_z WCHAR *lpszLspName,
__in_z WCHAR *lpszLspFullPathAndFile,
DWORD *pdwCatalogIdArray,
DWORD dwCatalogIdArrayCount
);
INT InsertIfsLspIntoAllChains(
WSAPROTOCOL_INFOW *OriginalEntry, // Original (unmodified) entry to follow chains
WSAPROTOCOL_INFOW *Catalog, // Array of catalog entries
INT CatalogCount, // Number of entries in Catalog array
INT IfsEntryIdx, // Index INTo IFS standalone entry array
INT ChainIdx // Chain index in OriginalEntry to start at
);
// Reorder the given Winsock catalog such that the providers beloging to the given
// dummy hidden provider are at the head of the catalog
INT ReorderCatalog(WINSOCK_CATALOG Catalog, DWORD dwLayeredId);
// Write the Winsock catalog order according to the given list of catalog IDs
DWORD *ReorderACatalog( WINSOCK_CATALOG Catalog,DWORD dwLayerId,INT *dwEntryCount);
// Rearrange the given Winsock catalog in the order specified as an array of catalog IDs
INT WriteProviderOrder(WINSOCK_CATALOG Catalog, DWORD *pdwCatalogOrder, DWORD dwNumberOfEntries,INT *lpErrno);
/*
LspDel.cpp Prototypes
*/
// Remove all layered service providers installed in the given catalog
INT RemoveAllLayeredEntries(WINSOCK_CATALOG Catalog);
// Remove all provider entries associated with the given GUID from the given catalog
INT DeinstallProvider(WINSOCK_CATALOG Catalog,GUID *Guid);
// Replaces/updates the protocol entries associated with the given GUID with the supplied
// provider structures
INT UpdateProvider(
WINSOCK_CATALOG Catalog,
LPGUID ProviderId,
WCHAR *DllPath,
WSAPROTOCOL_INFOW *ProtocolInfoList,
DWORD NumberOfEntries,
LPINT lpErrno
);
// Removes a single provider from the catalog that matches the given catalog ID
INT RemoveProvider(WINSOCK_CATALOG Catalog, DWORD dwProviderId);
/*
LspMap.cpp Prototypes
*/
// PrINTs all provider entries from the given catalog to the console
void PrintProviders( WINSOCK_CATALOG Catalog, BOOL bLayeredOnly, BOOL bVerbose);
// Build a map of what LSPs are installed on the system, including their order
LSP_ENTRY *
BuildLspMap(WSAPROTOCOL_INFOW *pProviders,INT iProviderCount, INT *pLspCount);
// Print the LSP map to the console
void PrintLspMap(LSP_ENTRY *pLspMap,INT iLspCount);
// Free all resources associated with an already created LSP map
void FreeLspMap(LSP_ENTRY *pLspMap,INT iLspCount);
// Looks for dependencies between LSPs
INT LspDependencyCheck(LSP_ENTRY *pLspMap,INT iLspCount);
// Updates the catalog ID for all providers in an LSP map
void UpdateLspMap(LSP_ENTRY *pLspMap,DWORD dwOldValue,DWORD dwNewValue);
// After updating the catalog map the new entries over the old ones in the LSP map
void MapNewEntriesToOld(LSP_ENTRY *pEntry, WSAPROTOCOL_INFOW *pProvider, INT iProviderCount);
// Adds a GUID INTo the LSP_ENTRY array of unique guids
INT AddGuidToLspEntry(LSP_ENTRY *entry,GUID *guid,INT *lpErrno);
// Updates the catalog IDs in the an array after a catalog entry changes
void UpdateProviderOrder(LSP_ENTRY *UpdatedEntry,DWORD *OrderArray,INT ArrayCount);
// Determines the "deepest" LSP installed in the catalog
INT MaxLayeredChainCount(LSP_ENTRY *pLspMap,INT LspCount);
/*
LspUtil.cpp Prototypes
*/
// Compresses an protocol chain by removing the given ID
BOOL RemoveIdFromChain(WSAPROTOCOL_INFOW *pInfo, DWORD dwCatalogId);
// Looks for the given catalog ID in the protocol chain
BOOL IsIdInChain(WSAPROTOCOL_INFOW *pInfo, DWORD dwId);
// Returns the number of protocol entries of the given type (base or dummy entries)
INT GetProviderCount(WSAPROTOCOL_INFOW *pProviders,INT iProviderCount,INT iProviderType);
// Returns all the catalog entries belonging to the given GUID
INT GetLayeredEntriesByGuid(WSAPROTOCOL_INFOW *pMatchLayers,INT *iLayeredCount, WSAPROTOCOL_INFOW *pEntries, INT iEntryCount,GUID *MatchGuid);
// Determines if two entries are the same after reinstalling an LSP (since the IDs are different now)
BOOL IsEqualProtocolEntries(WSAPROTOCOL_INFOW *pInfo1,WSAPROTOCOL_INFOW *pInfo2);
// Given the full path and name of LSP, load it and call the GetLspGuid export
INT WSPAPI RetrieveLspGuid(__in_z char *LspPath,GUID *Guid);
// Looks up whether the given provider is an IFS provider or not
BOOL IsNonIfsProvider(WSAPROTOCOL_INFOW *pProvider,INT iProviderCount,DWORD dwProviderId);
// Loads the WSCUpdateProvider function if available
HMODULE LoadUpdateProviderFunction();
// Counts how many orphaned layered chain entries exist
INT CountOrphanedChainEntries(WSAPROTOCOL_INFOW *pCatalog, INT iCatalogCount);
WSAPROTOCOL_INFOW *FindProviderById(DWORD CatalogId, WSAPROTOCOL_INFOW *Catalog, INT CatalogCount);
WSAPROTOCOL_INFOW *FindProviderByGuid(GUID *Guid, WSAPROTOCOL_INFOW *Catalog, INT CatalogCount);
DWORD GetCatalogIdForProviderGuid(GUID *Guid, WSAPROTOCOL_INFOW *Catalog, INT CatalogCount);
DWORD FindDummyIdFromProtocolChainId(DWORD CatalogId, WSAPROTOCOL_INFOW *Catalog, INT CatalogCount);
void InsertIdIntoProtocolChain(WSAPROTOCOL_INFOW *Entry, INT Index, DWORD InsertId);
void BuildSubsetLspChain(WSAPROTOCOL_INFOW *Entry, INT Index, DWORD DummyId);
void Cleanup();
public:
BOOL Install(UINT CatalogIDs[], CHAR* LSPName, BOOL IFSProvider, BOOL InstallOverAll, WINSOCK_CATALOG Catalog);
BOOL UninstallMe();
BOOL UninstallAll();
BOOL UninstallOne(DWORD dwRemoveCatalogId);
cLSPInstall(CHAR* DLLPath);
~cLSPInstall();
INT LSPError;
BOOL ReadyInstall;
GUID* LSPGuid;
CHAR* DLLPath;
CHAR* LSPName;
LPWSAPROTOCOL_INFOW ProtocolsInfo;
UINT nProtocols;
};
#endif