mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-14 05:30:41 +03:00
3f5f716357
- Hash() has been removed because it was ambiguous, Md5() and Sha0() are proper replacements. - HMacMd5() and HMacSha1() now share a common implementation handled by the new Internal_HMac() function. - NewMd() and MdProcess() now support plain hashing (without the key). - NewMd(), SetMdKey() and MdProcess() now check the OpenSSL functions' return value and in case of failure a debug message is printed along with the error string, if available. - SetMdKey()'s return value has been changed from void to bool, so that it's possible to know whether the function succeeded or not. - MdProcess()' return value has been changed from void to UINT (unsigned int) and the function now returns the number of bytes written by HMAC_Final() or EVP_DigestFinal_ex().
1920 lines
47 KiB
C
1920 lines
47 KiB
C
// SoftEther VPN Source Code - Developer Edition Master Branch
|
|
// Cedar Communication Module
|
|
//
|
|
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
|
|
//
|
|
// Copyright (c) Daiyuu Nobori.
|
|
// Copyright (c) SoftEther VPN Project, University of Tsukuba, Japan.
|
|
// Copyright (c) SoftEther Corporation.
|
|
//
|
|
// All Rights Reserved.
|
|
//
|
|
// http://www.softether.org/
|
|
//
|
|
// Author: Daiyuu Nobori, Ph.D.
|
|
// Comments: Tetsuo Sugiyama, Ph.D.
|
|
//
|
|
// This program is free software; you can redistribute it and/or
|
|
// modify it under the terms of the GNU General Public License
|
|
// version 2 as published by the Free Software Foundation.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License version 2
|
|
// along with this program; if not, write to the Free Software
|
|
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
|
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
|
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
|
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
//
|
|
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
|
|
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
|
|
//
|
|
//
|
|
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
|
|
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
|
|
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
|
|
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
|
|
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
|
|
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
|
|
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
|
|
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
|
|
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
|
|
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
|
|
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
|
|
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
|
|
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
|
|
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
|
|
//
|
|
// USE ONLY IN JAPAN. DO NOT USE THIS SOFTWARE IN ANOTHER COUNTRY UNLESS
|
|
// YOU HAVE A CONFIRMATION THAT THIS SOFTWARE DOES NOT VIOLATE ANY
|
|
// CRIMINAL LAWS OR CIVIL RIGHTS IN THAT PARTICULAR COUNTRY. USING THIS
|
|
// SOFTWARE IN OTHER COUNTRIES IS COMPLETELY AT YOUR OWN RISK. THE
|
|
// SOFTETHER VPN PROJECT HAS DEVELOPED AND DISTRIBUTED THIS SOFTWARE TO
|
|
// COMPLY ONLY WITH THE JAPANESE LAWS AND EXISTING CIVIL RIGHTS INCLUDING
|
|
// PATENTS WHICH ARE SUBJECTS APPLY IN JAPAN. OTHER COUNTRIES' LAWS OR
|
|
// CIVIL RIGHTS ARE NONE OF OUR CONCERNS NOR RESPONSIBILITIES. WE HAVE
|
|
// NEVER INVESTIGATED ANY CRIMINAL REGULATIONS, CIVIL LAWS OR
|
|
// INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENTS IN ANY OF OTHER 200+
|
|
// COUNTRIES AND TERRITORIES. BY NATURE, THERE ARE 200+ REGIONS IN THE
|
|
// WORLD, WITH DIFFERENT LAWS. IT IS IMPOSSIBLE TO VERIFY EVERY
|
|
// COUNTRIES' LAWS, REGULATIONS AND CIVIL RIGHTS TO MAKE THE SOFTWARE
|
|
// COMPLY WITH ALL COUNTRIES' LAWS BY THE PROJECT. EVEN IF YOU WILL BE
|
|
// SUED BY A PRIVATE ENTITY OR BE DAMAGED BY A PUBLIC SERVANT IN YOUR
|
|
// COUNTRY, THE DEVELOPERS OF THIS SOFTWARE WILL NEVER BE LIABLE TO
|
|
// RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL
|
|
// RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT
|
|
// JUST A STATEMENT FOR WARNING AND DISCLAIMER.
|
|
//
|
|
//
|
|
// SOURCE CODE CONTRIBUTION
|
|
// ------------------------
|
|
//
|
|
// Your contribution to SoftEther VPN Project is much appreciated.
|
|
// Please send patches to us through GitHub.
|
|
// Read the SoftEther VPN Patch Acceptance Policy in advance:
|
|
// http://www.softether.org/5-download/src/9.patch
|
|
//
|
|
//
|
|
// DEAR SECURITY EXPERTS
|
|
// ---------------------
|
|
//
|
|
// If you find a bug or a security vulnerability please kindly inform us
|
|
// about the problem immediately so that we can fix the security problem
|
|
// to protect a lot of users around the world as soon as possible.
|
|
//
|
|
// Our e-mail address for security reports is:
|
|
// softether-vpn-security [at] softether.org
|
|
//
|
|
// Please note that the above e-mail address is not a technical support
|
|
// inquiry address. If you need technical assistance, please visit
|
|
// http://www.softether.org/ and ask your question on the users forum.
|
|
//
|
|
// Thank you for your cooperation.
|
|
//
|
|
//
|
|
// NO MEMORY OR RESOURCE LEAKS
|
|
// ---------------------------
|
|
//
|
|
// The memory-leaks and resource-leaks verification under the stress
|
|
// test has been passed before release this source code.
|
|
|
|
|
|
// Nat.c
|
|
// User-mode Router
|
|
|
|
#include "CedarPch.h"
|
|
|
|
static LOCK *nat_lock = NULL;
|
|
static NAT *nat = NULL;
|
|
|
|
|
|
// Disconnect the connection for the NAT administrator
|
|
void NatAdminDisconnect(RPC *r)
|
|
{
|
|
// Validate arguments
|
|
if (r == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
EndRpc(r);
|
|
}
|
|
|
|
// Connection for NAT administrator
|
|
RPC *NatAdminConnect(CEDAR *cedar, char *hostname, UINT port, void *hashed_password, UINT *err)
|
|
{
|
|
UCHAR secure_password[SHA1_SIZE];
|
|
UCHAR random[SHA1_SIZE];
|
|
SOCK *sock;
|
|
RPC *rpc;
|
|
PACK *p;
|
|
UINT error;
|
|
// Validate arguments
|
|
if (cedar == NULL || hostname == NULL || port == 0 || hashed_password == NULL || err == NULL)
|
|
{
|
|
if (err != NULL)
|
|
{
|
|
*err = ERR_INTERNAL_ERROR;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
// Connection
|
|
sock = Connect(hostname, port);
|
|
if (sock == NULL)
|
|
{
|
|
*err = ERR_CONNECT_FAILED;
|
|
return NULL;
|
|
}
|
|
|
|
if (StartSSL(sock, NULL, NULL) == false)
|
|
{
|
|
*err = ERR_PROTOCOL_ERROR;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
SetTimeout(sock, 5000);
|
|
|
|
p = HttpClientRecv(sock);
|
|
if (p == NULL)
|
|
{
|
|
*err = ERR_DISCONNECTED;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
if (PackGetData2(p, "auth_random", random, SHA1_SIZE) == false)
|
|
{
|
|
FreePack(p);
|
|
*err = ERR_PROTOCOL_ERROR;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
FreePack(p);
|
|
|
|
SecurePassword(secure_password, hashed_password, random);
|
|
|
|
p = NewPack();
|
|
PackAddData(p, "secure_password", secure_password, SHA1_SIZE);
|
|
|
|
if (HttpClientSend(sock, p) == false)
|
|
{
|
|
FreePack(p);
|
|
*err = ERR_DISCONNECTED;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
FreePack(p);
|
|
|
|
p = HttpClientRecv(sock);
|
|
if (p == NULL)
|
|
{
|
|
*err = ERR_DISCONNECTED;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
error = GetErrorFromPack(p);
|
|
|
|
FreePack(p);
|
|
|
|
if (error != ERR_NO_ERROR)
|
|
{
|
|
*err = error;
|
|
ReleaseSock(sock);
|
|
return NULL;
|
|
}
|
|
|
|
SetTimeout(sock, TIMEOUT_INFINITE);
|
|
|
|
rpc = StartRpcClient(sock, NULL);
|
|
ReleaseSock(sock);
|
|
|
|
return rpc;
|
|
}
|
|
|
|
// RPC functional related macro
|
|
#define DECLARE_RPC_EX(rpc_name, data_type, function, in_rpc, out_rpc, free_rpc) \
|
|
else if (StrCmpi(name, rpc_name) == 0) \
|
|
{ \
|
|
data_type t; \
|
|
Zero(&t, sizeof(t)); \
|
|
in_rpc(&t, p); \
|
|
err = function(n, &t); \
|
|
if (err == ERR_NO_ERROR) \
|
|
{ \
|
|
out_rpc(ret, &t); \
|
|
} \
|
|
free_rpc(&t); \
|
|
ok = true; \
|
|
}
|
|
#define DECLARE_RPC(rpc_name, data_type, function, in_rpc, out_rpc) \
|
|
else if (StrCmpi(name, rpc_name) == 0) \
|
|
{ \
|
|
data_type t; \
|
|
Zero(&t, sizeof(t)); \
|
|
in_rpc(&t, p); \
|
|
err = function(n, &t); \
|
|
if (err == ERR_NO_ERROR) \
|
|
{ \
|
|
out_rpc(ret, &t); \
|
|
} \
|
|
ok = true; \
|
|
}
|
|
#define DECLARE_SC_EX(rpc_name, data_type, function, in_rpc, out_rpc, free_rpc) \
|
|
UINT function(RPC *r, data_type *t) \
|
|
{ \
|
|
PACK *p, *ret; \
|
|
UINT err; \
|
|
if (r == NULL || t == NULL) \
|
|
{ \
|
|
return ERR_INTERNAL_ERROR; \
|
|
} \
|
|
p = NewPack(); \
|
|
out_rpc(p, t); \
|
|
free_rpc(t); \
|
|
Zero(t, sizeof(data_type)); \
|
|
ret = AdminCall(r, rpc_name, p); \
|
|
err = GetErrorFromPack(ret); \
|
|
if (err == ERR_NO_ERROR) \
|
|
{ \
|
|
in_rpc(t, ret); \
|
|
} \
|
|
FreePack(ret); \
|
|
return err; \
|
|
}
|
|
#define DECLARE_SC(rpc_name, data_type, function, in_rpc, out_rpc) \
|
|
UINT function(RPC *r, data_type *t) \
|
|
{ \
|
|
PACK *p, *ret; \
|
|
UINT err; \
|
|
if (r == NULL || t == NULL) \
|
|
{ \
|
|
return ERR_INTERNAL_ERROR; \
|
|
} \
|
|
p = NewPack(); \
|
|
out_rpc(p, t); \
|
|
ret = AdminCall(r, rpc_name, p); \
|
|
err = GetErrorFromPack(ret); \
|
|
if (err == ERR_NO_ERROR) \
|
|
{ \
|
|
in_rpc(t, ret); \
|
|
} \
|
|
FreePack(ret); \
|
|
return err; \
|
|
}
|
|
|
|
// RPC server function
|
|
PACK *NiRpcServer(RPC *r, char *name, PACK *p)
|
|
{
|
|
NAT *n;
|
|
PACK *ret;
|
|
UINT err;
|
|
bool ok;
|
|
// Validate arguments
|
|
if (r == NULL || name == NULL || p == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
n = (NAT *)r->Param;
|
|
ret = NewPack();
|
|
err = ERR_NO_ERROR;
|
|
ok = false;
|
|
|
|
if (0) {}
|
|
|
|
// RPC function definition: From here
|
|
|
|
// DECLARE_RPC("Online", RPC_DUMMY, NtOnline, InRpcDummy, OutRpcDummy)
|
|
// DECLARE_RPC("Offline", RPC_DUMMY, NtOffline, InRpcDummy, OutRpcDummy)
|
|
DECLARE_RPC("SetHostOption", VH_OPTION, NtSetHostOption, InVhOption, OutVhOption)
|
|
DECLARE_RPC("GetHostOption", VH_OPTION, NtGetHostOption, InVhOption, OutVhOption)
|
|
// DECLARE_RPC_EX("SetClientConfig", RPC_CREATE_LINK, NtSetClientConfig, InRpcCreateLink, OutRpcCreateLink, FreeRpcCreateLink)
|
|
// DECLARE_RPC_EX("GetClientConfig", RPC_CREATE_LINK, NtGetClientConfig, InRpcCreateLink, OutRpcCreateLink, FreeRpcCreateLink)
|
|
DECLARE_RPC_EX("GetStatus", RPC_NAT_STATUS, NtGetStatus, InRpcNatStatus, OutRpcNatStatus, FreeRpcNatStatus)
|
|
// DECLARE_RPC_EX("GetInfo", RPC_NAT_INFO, NtGetInfo, InRpcNatInfo, OutRpcNatInfo, FreeRpcNatInfo)
|
|
DECLARE_RPC_EX("EnumNatList", RPC_ENUM_NAT, NtEnumNatList, InRpcEnumNat, OutRpcEnumNat, FreeRpcEnumNat)
|
|
DECLARE_RPC_EX("EnumDhcpList", RPC_ENUM_DHCP, NtEnumDhcpList, InRpcEnumDhcp, OutRpcEnumDhcp, FreeRpcEnumDhcp)
|
|
// DECLARE_RPC("SetPassword", RPC_SET_PASSWORD, NtSetPassword, InRpcSetPassword, OutRpcSetPassword)
|
|
|
|
// RPC function definition: To here
|
|
|
|
if (ok == false)
|
|
{
|
|
err = ERR_NOT_SUPPORTED;
|
|
}
|
|
|
|
PackAddInt(ret, "error", err);
|
|
|
|
return ret;
|
|
}
|
|
|
|
|
|
|
|
|
|
// RPC call definition: From here
|
|
|
|
DECLARE_SC("Online", RPC_DUMMY, NcOnline, InRpcDummy, OutRpcDummy)
|
|
DECLARE_SC("Offline", RPC_DUMMY, NcOffline, InRpcDummy, OutRpcDummy)
|
|
DECLARE_SC("SetHostOption", VH_OPTION, NcSetHostOption, InVhOption, OutVhOption)
|
|
DECLARE_SC("GetHostOption", VH_OPTION, NcGetHostOption, InVhOption, OutVhOption)
|
|
DECLARE_SC_EX("SetClientConfig", RPC_CREATE_LINK, NcSetClientConfig, InRpcCreateLink, OutRpcCreateLink, FreeRpcCreateLink)
|
|
DECLARE_SC_EX("GetClientConfig", RPC_CREATE_LINK, NcGetClientConfig, InRpcCreateLink, OutRpcCreateLink, FreeRpcCreateLink)
|
|
DECLARE_SC_EX("GetStatus", RPC_NAT_STATUS, NcGetStatus, InRpcNatStatus, OutRpcNatStatus, FreeRpcNatStatus)
|
|
DECLARE_SC_EX("GetInfo", RPC_NAT_INFO, NcGetInfo, InRpcNatInfo, OutRpcNatInfo, FreeRpcNatInfo)
|
|
DECLARE_SC_EX("EnumNatList", RPC_ENUM_NAT, NcEnumNatList, InRpcEnumNat, OutRpcEnumNat, FreeRpcEnumNat)
|
|
DECLARE_SC_EX("EnumDhcpList", RPC_ENUM_DHCP, NcEnumDhcpList, InRpcEnumDhcp, OutRpcEnumDhcp, FreeRpcEnumDhcp)
|
|
DECLARE_SC("SetPassword", RPC_SET_PASSWORD, NcSetPassword, InRpcSetPassword, OutRpcSetPassword)
|
|
|
|
// RPC call definition: To here
|
|
|
|
|
|
|
|
// Set a password
|
|
UINT NtSetPassword(NAT *n, RPC_SET_PASSWORD *t)
|
|
{
|
|
Copy(n->HashedPassword, t->HashedPassword, SHA1_SIZE);
|
|
|
|
NiWriteConfig(n);
|
|
|
|
return ERR_NO_ERROR;
|
|
}
|
|
|
|
// Online
|
|
UINT NtOnline(NAT *n, RPC_DUMMY *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
if (n->Online)
|
|
{
|
|
// It is already online
|
|
ret = ERR_ALREADY_ONLINE;
|
|
}
|
|
else
|
|
{
|
|
if (n->ClientOption == NULL || n->ClientAuth == NULL)
|
|
{
|
|
// Setting is not yet done
|
|
ret = ERR_ACCOUNT_NOT_PRESENT;
|
|
}
|
|
else
|
|
{
|
|
// OK
|
|
n->Online = true;
|
|
|
|
// Start connection
|
|
n->Virtual = NewVirtualHostEx(n->Cedar, n->ClientOption, n->ClientAuth,
|
|
&n->Option, n);
|
|
}
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
NiWriteConfig(n);
|
|
|
|
return ret;
|
|
}
|
|
|
|
// Offline
|
|
UINT NtOffline(NAT *n, RPC_DUMMY *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
if (n->Online == false)
|
|
{
|
|
// It is offline
|
|
ret = ERR_OFFLINE;
|
|
}
|
|
else
|
|
{
|
|
// Offline
|
|
StopVirtualHost(n->Virtual);
|
|
ReleaseVirtual(n->Virtual);
|
|
n->Virtual = NULL;
|
|
|
|
n->Online = false;
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
NiWriteConfig(n);
|
|
|
|
return ret;
|
|
}
|
|
|
|
// Set host options
|
|
UINT NtSetHostOption(NAT *n, VH_OPTION *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
Copy(&n->Option, t, sizeof(VH_OPTION));
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
SetVirtualHostOption(n->Virtual, t);
|
|
|
|
NiWriteConfig(n);
|
|
|
|
return ret;
|
|
}
|
|
|
|
// Get host options
|
|
UINT NtGetHostOption(NAT *n, VH_OPTION *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
Copy(t, &n->Option, sizeof(VH_OPTION));
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
return ret;
|
|
}
|
|
|
|
// Set the connection settings
|
|
UINT NtSetClientConfig(NAT *n, RPC_CREATE_LINK *t)
|
|
{
|
|
Lock(n->lock);
|
|
{
|
|
if (n->ClientOption != NULL || n->ClientAuth != NULL)
|
|
{
|
|
Free(n->ClientOption);
|
|
CiFreeClientAuth(n->ClientAuth);
|
|
}
|
|
|
|
n->ClientOption = ZeroMalloc(sizeof(CLIENT_OPTION));
|
|
Copy(n->ClientOption, t->ClientOption, sizeof(CLIENT_OPTION));
|
|
n->ClientAuth = CopyClientAuth(t->ClientAuth);
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
NiWriteConfig(n);
|
|
|
|
if (n->Online)
|
|
{
|
|
NtOffline(n, NULL);
|
|
NtOnline(n, NULL);
|
|
}
|
|
|
|
return ERR_NO_ERROR;
|
|
}
|
|
|
|
// Get the connection settings
|
|
UINT NtGetClientConfig(NAT *n, RPC_CREATE_LINK *t)
|
|
{
|
|
UINT err = ERR_NO_ERROR;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
if (n->ClientOption == NULL || n->ClientAuth == NULL)
|
|
{
|
|
err = ERR_ACCOUNT_NOT_PRESENT;
|
|
}
|
|
else
|
|
{
|
|
FreeRpcCreateLink(t);
|
|
|
|
Zero(t, sizeof(RPC_CREATE_LINK));
|
|
t->ClientOption = ZeroMalloc(sizeof(CLIENT_OPTION));
|
|
Copy(t->ClientOption, n->ClientOption, sizeof(CLIENT_OPTION));
|
|
t->ClientAuth = CopyClientAuth(n->ClientAuth);
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
return err;
|
|
}
|
|
|
|
// Get the state
|
|
UINT NtGetStatus(NAT *n, RPC_NAT_STATUS *t)
|
|
{
|
|
Lock(n->lock);
|
|
{
|
|
VH *v = n->Virtual;
|
|
FreeRpcNatStatus(t);
|
|
Zero(t, sizeof(RPC_NAT_STATUS));
|
|
|
|
LockVirtual(v);
|
|
{
|
|
UINT i;
|
|
|
|
LockList(v->NatTable);
|
|
{
|
|
for (i = 0;i < LIST_NUM(v->NatTable);i++)
|
|
{
|
|
NAT_ENTRY *e = LIST_DATA(v->NatTable, i);
|
|
|
|
switch (e->Protocol)
|
|
{
|
|
case NAT_TCP:
|
|
t->NumTcpSessions++;
|
|
break;
|
|
|
|
case NAT_UDP:
|
|
t->NumUdpSessions++;
|
|
break;
|
|
|
|
case NAT_ICMP:
|
|
t->NumIcmpSessions++;
|
|
break;
|
|
|
|
case NAT_DNS:
|
|
t->NumDnsSessions++;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (NnIsActive(v) && v->NativeNat != NULL)
|
|
{
|
|
NATIVE_NAT *nn = v->NativeNat;
|
|
|
|
for (i = 0;i < LIST_NUM(nn->NatTableForSend->AllList);i++)
|
|
{
|
|
NATIVE_NAT_ENTRY *e = LIST_DATA(nn->NatTableForSend->AllList, i);
|
|
|
|
switch (e->Protocol)
|
|
{
|
|
case NAT_TCP:
|
|
t->NumTcpSessions++;
|
|
break;
|
|
|
|
case NAT_UDP:
|
|
t->NumUdpSessions++;
|
|
break;
|
|
|
|
case NAT_ICMP:
|
|
t->NumIcmpSessions++;
|
|
break;
|
|
|
|
case NAT_DNS:
|
|
t->NumDnsSessions++;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
UnlockList(v->NatTable);
|
|
|
|
t->NumDhcpClients = LIST_NUM(v->DhcpLeaseList);
|
|
|
|
t->IsKernelMode = NnIsActiveEx(v, &t->IsRawIpMode);
|
|
}
|
|
UnlockVirtual(v);
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
return ERR_NO_ERROR;
|
|
}
|
|
|
|
// Get the information
|
|
UINT NtGetInfo(NAT *n, RPC_NAT_INFO *t)
|
|
{
|
|
OS_INFO *info;
|
|
FreeRpcNatInfo(t);
|
|
Zero(t, sizeof(RPC_NAT_INFO));
|
|
|
|
StrCpy(t->NatProductName, sizeof(t->NatProductName), CEDAR_ROUTER_STR);
|
|
StrCpy(t->NatVersionString, sizeof(t->NatVersionString), n->Cedar->VerString);
|
|
StrCpy(t->NatBuildInfoString, sizeof(t->NatBuildInfoString), n->Cedar->BuildInfo);
|
|
t->NatVerInt = n->Cedar->Build;
|
|
t->NatBuildInt = n->Cedar->Build;
|
|
|
|
GetMachineName(t->NatHostName, sizeof(t->NatHostName));
|
|
|
|
info = GetOsInfo();
|
|
|
|
CopyOsInfo(&t->OsInfo, info);
|
|
|
|
GetMemInfo(&t->MemInfo);
|
|
|
|
return ERR_NO_ERROR;
|
|
}
|
|
|
|
// Get the NAT list
|
|
UINT NtEnumNatList(NAT *n, RPC_ENUM_NAT *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
VH *v = NULL;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
v = n->Virtual;
|
|
|
|
if (n->Online == false || v == NULL)
|
|
{
|
|
ret = ERR_OFFLINE;
|
|
}
|
|
else
|
|
{
|
|
LockVirtual(v);
|
|
{
|
|
if (v->Active == false)
|
|
{
|
|
ret = ERR_OFFLINE;
|
|
}
|
|
else
|
|
{
|
|
FreeRpcEnumNat(t);
|
|
Zero(t, sizeof(RPC_ENUM_NAT));
|
|
|
|
LockList(v->NatTable);
|
|
{
|
|
UINT i;
|
|
UINT num_usermode_nat = LIST_NUM(v->NatTable);
|
|
UINT num_kernel_mode_nat = 0;
|
|
NATIVE_NAT *native = NULL;
|
|
|
|
if (NnIsActive(v) && (v->NativeNat != NULL))
|
|
{
|
|
native = v->NativeNat;
|
|
|
|
num_kernel_mode_nat = LIST_NUM(native->NatTableForSend->AllList);
|
|
}
|
|
|
|
t->NumItem = num_usermode_nat + num_kernel_mode_nat;
|
|
t->Items = ZeroMalloc(sizeof(RPC_ENUM_NAT_ITEM) * t->NumItem);
|
|
|
|
// Enumerate entries of the user mode NAT
|
|
for (i = 0;i < num_usermode_nat;i++)
|
|
{
|
|
NAT_ENTRY *nat = LIST_DATA(v->NatTable, i);
|
|
RPC_ENUM_NAT_ITEM *e = &t->Items[i];
|
|
|
|
e->Id = nat->Id;
|
|
e->Protocol = nat->Protocol;
|
|
e->SrcIp = nat->SrcIp;
|
|
e->DestIp = nat->DestIp;
|
|
e->SrcPort = nat->SrcPort;
|
|
e->DestPort = nat->DestPort;
|
|
|
|
e->CreatedTime = TickToTime(nat->CreatedTime);
|
|
e->LastCommTime = TickToTime(nat->LastCommTime);
|
|
|
|
IPToStr32(e->SrcHost, sizeof(e->SrcHost), e->SrcIp);
|
|
IPToStr32(e->DestHost, sizeof(e->DestHost), e->DestIp);
|
|
|
|
if (nat->Sock != NULL)
|
|
{
|
|
e->SendSize = nat->Sock->SendSize;
|
|
e->RecvSize = nat->Sock->RecvSize;
|
|
|
|
if (nat->Sock->Type == SOCK_TCP)
|
|
{
|
|
StrCpy(e->DestHost, sizeof(e->DestHost), nat->Sock->RemoteHostname);
|
|
}
|
|
}
|
|
|
|
e->TcpStatus = nat->TcpStatus;
|
|
}
|
|
|
|
// Enumerate the entries in the kernel-mode NAT
|
|
if (native != NULL)
|
|
{
|
|
for (i = 0;i < num_kernel_mode_nat;i++)
|
|
{
|
|
NATIVE_NAT_ENTRY *nat = LIST_DATA(native->NatTableForSend->AllList, i);
|
|
RPC_ENUM_NAT_ITEM *e = &t->Items[num_usermode_nat + i];
|
|
|
|
e->Id = nat->Id;
|
|
e->Protocol = nat->Protocol;
|
|
e->SrcIp = nat->SrcIp;
|
|
e->DestIp = nat->DestIp;
|
|
e->SrcPort = nat->SrcPort;
|
|
e->DestPort = nat->DestPort;
|
|
e->CreatedTime = TickToTime(nat->CreatedTime);
|
|
e->LastCommTime = TickToTime(nat->LastCommTime);
|
|
|
|
IPToStr32(e->SrcHost, sizeof(e->SrcHost), e->SrcIp);
|
|
IPToStr32(e->DestHost, sizeof(e->DestHost), e->DestIp);
|
|
|
|
e->SendSize = nat->TotalSent;
|
|
e->RecvSize = nat->TotalRecv;
|
|
|
|
e->TcpStatus = nat->Status;
|
|
}
|
|
}
|
|
}
|
|
UnlockList(v->NatTable);
|
|
}
|
|
}
|
|
UnlockVirtual(v);
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
return ret;
|
|
}
|
|
|
|
UINT NtEnumDhcpList(NAT *n, RPC_ENUM_DHCP *t)
|
|
{
|
|
UINT ret = ERR_NO_ERROR;
|
|
VH *v = NULL;
|
|
|
|
Lock(n->lock);
|
|
{
|
|
v = n->Virtual;
|
|
|
|
if (n->Online == false || v == NULL)
|
|
{
|
|
ret = ERR_OFFLINE;
|
|
}
|
|
else
|
|
{
|
|
LockVirtual(v);
|
|
{
|
|
if (v->Active == false)
|
|
{
|
|
ret = ERR_OFFLINE;
|
|
}
|
|
else
|
|
{
|
|
FreeRpcEnumDhcp(t);
|
|
Zero(t, sizeof(RPC_ENUM_DHCP));
|
|
|
|
LockList(v->DhcpLeaseList);
|
|
{
|
|
UINT i;
|
|
t->NumItem = LIST_NUM(v->DhcpLeaseList);
|
|
t->Items = ZeroMalloc(sizeof(RPC_ENUM_DHCP_ITEM) * t->NumItem);
|
|
|
|
for (i = 0;i < t->NumItem;i++)
|
|
{
|
|
DHCP_LEASE *dhcp = LIST_DATA(v->DhcpLeaseList, i);
|
|
RPC_ENUM_DHCP_ITEM *e = &t->Items[i];
|
|
|
|
e->Id = dhcp->Id;
|
|
e->LeasedTime = TickToTime(dhcp->LeasedTime);
|
|
e->ExpireTime = TickToTime(dhcp->ExpireTime);
|
|
Copy(e->MacAddress, dhcp->MacAddress, 6);
|
|
e->IpAddress = dhcp->IpAddress;
|
|
e->Mask = dhcp->Mask;
|
|
StrCpy(e->Hostname, sizeof(e->Hostname), dhcp->Hostname);
|
|
}
|
|
}
|
|
UnlockList(v->DhcpLeaseList);
|
|
}
|
|
}
|
|
UnlockVirtual(v);
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
return ret;
|
|
}
|
|
|
|
// VH_OPTION
|
|
void InVhOption(VH_OPTION *t, PACK *p)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(VH_OPTION));
|
|
PackGetData2(p, "MacAddress", t->MacAddress, 6);
|
|
PackGetIp(p, "Ip", &t->Ip);
|
|
PackGetIp(p, "Mask", &t->Mask);
|
|
t->UseNat = PackGetBool(p, "UseNat");
|
|
t->Mtu = PackGetInt(p, "Mtu");
|
|
t->NatTcpTimeout = PackGetInt(p, "NatTcpTimeout");
|
|
t->NatUdpTimeout = PackGetInt(p, "NatUdpTimeout");
|
|
t->UseDhcp = PackGetBool(p, "UseDhcp");
|
|
PackGetIp(p, "DhcpLeaseIPStart", &t->DhcpLeaseIPStart);
|
|
PackGetIp(p, "DhcpLeaseIPEnd", &t->DhcpLeaseIPEnd);
|
|
PackGetIp(p, "DhcpSubnetMask", &t->DhcpSubnetMask);
|
|
t->DhcpExpireTimeSpan = PackGetInt(p, "DhcpExpireTimeSpan");
|
|
PackGetIp(p, "DhcpGatewayAddress", &t->DhcpGatewayAddress);
|
|
PackGetIp(p, "DhcpDnsServerAddress", &t->DhcpDnsServerAddress);
|
|
PackGetIp(p, "DhcpDnsServerAddress2", &t->DhcpDnsServerAddress2);
|
|
PackGetStr(p, "DhcpDomainName", t->DhcpDomainName, sizeof(t->DhcpDomainName));
|
|
t->SaveLog = PackGetBool(p, "SaveLog");
|
|
PackGetStr(p, "RpcHubName", t->HubName, sizeof(t->HubName));
|
|
t->ApplyDhcpPushRoutes = PackGetBool(p, "ApplyDhcpPushRoutes");
|
|
PackGetStr(p, "DhcpPushRoutes", t->DhcpPushRoutes, sizeof(t->DhcpPushRoutes));
|
|
}
|
|
void OutVhOption(PACK *p, VH_OPTION *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddData(p, "MacAddress", t->MacAddress, 6);
|
|
PackAddIp(p, "Ip", &t->Ip);
|
|
PackAddIp(p, "Mask", &t->Mask);
|
|
PackAddBool(p, "UseNat", t->UseNat);
|
|
PackAddInt(p, "Mtu", t->Mtu);
|
|
PackAddInt(p, "NatTcpTimeout", t->NatTcpTimeout);
|
|
PackAddInt(p, "NatUdpTimeout", t->NatUdpTimeout);
|
|
PackAddBool(p, "UseDhcp", t->UseDhcp);
|
|
PackAddIp(p, "DhcpLeaseIPStart", &t->DhcpLeaseIPStart);
|
|
PackAddIp(p, "DhcpLeaseIPEnd", &t->DhcpLeaseIPEnd);
|
|
PackAddIp(p, "DhcpSubnetMask", &t->DhcpSubnetMask);
|
|
PackAddInt(p, "DhcpExpireTimeSpan", t->DhcpExpireTimeSpan);
|
|
PackAddIp(p, "DhcpGatewayAddress", &t->DhcpGatewayAddress);
|
|
PackAddIp(p, "DhcpDnsServerAddress", &t->DhcpDnsServerAddress);
|
|
PackAddIp(p, "DhcpDnsServerAddress2", &t->DhcpDnsServerAddress2);
|
|
PackAddStr(p, "DhcpDomainName", t->DhcpDomainName);
|
|
PackAddBool(p, "SaveLog", t->SaveLog);
|
|
PackAddStr(p, "RpcHubName", t->HubName);
|
|
PackAddBool(p, "ApplyDhcpPushRoutes", true);
|
|
PackAddStr(p, "DhcpPushRoutes", t->DhcpPushRoutes);
|
|
}
|
|
|
|
// RPC_ENUM_DHCP
|
|
void InRpcEnumDhcp(RPC_ENUM_DHCP *t, PACK *p)
|
|
{
|
|
UINT i;
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(RPC_ENUM_DHCP));
|
|
t->NumItem = PackGetInt(p, "NumItem");
|
|
t->Items = ZeroMalloc(sizeof(RPC_ENUM_DHCP_ITEM) * t->NumItem);
|
|
PackGetStr(p, "HubName", t->HubName, sizeof(t->HubName));
|
|
|
|
for (i = 0;i < t->NumItem;i++)
|
|
{
|
|
RPC_ENUM_DHCP_ITEM *e = &t->Items[i];
|
|
|
|
e->Id = PackGetIntEx(p, "Id", i);
|
|
e->LeasedTime = PackGetInt64Ex(p, "LeasedTime", i);
|
|
e->ExpireTime = PackGetInt64Ex(p, "ExpireTime", i);
|
|
PackGetDataEx2(p, "MacAddress", e->MacAddress, 6, i);
|
|
e->IpAddress = PackGetIp32Ex(p, "IpAddress", i);
|
|
e->Mask = PackGetIntEx(p, "Mask", i);
|
|
PackGetStrEx(p, "Hostname", e->Hostname, sizeof(e->Hostname), i);
|
|
}
|
|
}
|
|
void OutRpcEnumDhcp(PACK *p, RPC_ENUM_DHCP *t)
|
|
{
|
|
UINT i;
|
|
// Validate arguments
|
|
if (p == NULL || t == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddInt(p, "NumItem", t->NumItem);
|
|
PackAddStr(p, "HubName", t->HubName);
|
|
|
|
for (i = 0;i < t->NumItem;i++)
|
|
{
|
|
RPC_ENUM_DHCP_ITEM *e = &t->Items[i];
|
|
|
|
PackAddIntEx(p, "Id", e->Id, i, t->NumItem);
|
|
PackAddInt64Ex(p, "LeasedTime", e->LeasedTime, i, t->NumItem);
|
|
PackAddInt64Ex(p, "ExpireTime", e->ExpireTime, i, t->NumItem);
|
|
PackAddDataEx(p, "MacAddress", e->MacAddress, 6, i, t->NumItem);
|
|
PackAddIp32Ex(p, "IpAddress", e->IpAddress, i, t->NumItem);
|
|
PackAddIntEx(p, "Mask", e->Mask, i, t->NumItem);
|
|
PackAddStrEx(p, "Hostname", e->Hostname, i, t->NumItem);
|
|
}
|
|
}
|
|
void FreeRpcEnumDhcp(RPC_ENUM_DHCP *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Free(t->Items);
|
|
}
|
|
|
|
// RPC_ENUM_NAT
|
|
void InRpcEnumNat(RPC_ENUM_NAT *t, PACK *p)
|
|
{
|
|
UINT i;
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(RPC_ENUM_NAT));
|
|
t->NumItem = PackGetInt(p, "NumItem");
|
|
PackGetStr(p, "HubName", t->HubName, sizeof(t->HubName));
|
|
t->Items = ZeroMalloc(sizeof(RPC_ENUM_NAT_ITEM) * t->NumItem);
|
|
for (i = 0;i < t->NumItem;i++)
|
|
{
|
|
RPC_ENUM_NAT_ITEM *e = &t->Items[i];
|
|
|
|
e->Id = PackGetIntEx(p, "Id", i);
|
|
e->Protocol = PackGetIntEx(p, "Protocol", i);
|
|
e->SrcIp = PackGetIntEx(p, "SrcIp", i);
|
|
PackGetStrEx(p, "SrcHost", e->SrcHost, sizeof(e->SrcHost), i);
|
|
e->SrcPort = PackGetIntEx(p, "SrcPort", i);
|
|
e->DestIp = PackGetIntEx(p, "DestIp", i);
|
|
PackGetStrEx(p, "DestHost", e->DestHost, sizeof(e->DestHost), i);
|
|
e->DestPort = PackGetIntEx(p, "DestPort", i);
|
|
e->CreatedTime = PackGetInt64Ex(p, "CreatedTime", i);
|
|
e->LastCommTime = PackGetInt64Ex(p, "LastCommTime", i);
|
|
e->SendSize = PackGetInt64Ex(p, "SendSize", i);
|
|
e->RecvSize = PackGetInt64Ex(p, "RecvSize", i);
|
|
e->TcpStatus = PackGetIntEx(p, "TcpStatus", i);
|
|
}
|
|
}
|
|
void OutRpcEnumNat(PACK *p, RPC_ENUM_NAT *t)
|
|
{
|
|
UINT i;
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddInt(p, "NumItem", t->NumItem);
|
|
PackAddStr(p, "HubName", t->HubName);
|
|
for (i = 0;i < t->NumItem;i++)
|
|
{
|
|
RPC_ENUM_NAT_ITEM *e = &t->Items[i];
|
|
|
|
PackAddIntEx(p, "Id", e->Id, i, t->NumItem);
|
|
PackAddIntEx(p, "Protocol", e->Protocol, i, t->NumItem);
|
|
PackAddIp32Ex(p, "SrcIp", e->SrcIp, i, t->NumItem);
|
|
PackAddStrEx(p, "SrcHost", e->SrcHost, i, t->NumItem);
|
|
PackAddIntEx(p, "SrcPort", e->SrcPort, i, t->NumItem);
|
|
PackAddIp32Ex(p, "DestIp", e->DestIp, i, t->NumItem);
|
|
PackAddStrEx(p, "DestHost", e->DestHost, i, t->NumItem);
|
|
PackAddIntEx(p, "DestPort", e->DestPort, i, t->NumItem);
|
|
PackAddInt64Ex(p, "CreatedTime", e->CreatedTime, i, t->NumItem);
|
|
PackAddInt64Ex(p, "LastCommTime", e->LastCommTime, i, t->NumItem);
|
|
PackAddInt64Ex(p, "SendSize", e->SendSize, i, t->NumItem);
|
|
PackAddInt64Ex(p, "RecvSize", e->RecvSize, i, t->NumItem);
|
|
PackAddIntEx(p, "TcpStatus", e->TcpStatus, i, t->NumItem);
|
|
}
|
|
}
|
|
void FreeRpcEnumNat(RPC_ENUM_NAT *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Free(t->Items);
|
|
}
|
|
|
|
// RPC_NAT_INFO
|
|
void InRpcNatInfo(RPC_NAT_INFO *t, PACK *p)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(RPC_NAT_INFO));
|
|
PackGetStr(p, "NatProductName", t->NatProductName, sizeof(t->NatProductName));
|
|
PackGetStr(p, "NatVersionString", t->NatVersionString, sizeof(t->NatVersionString));
|
|
PackGetStr(p, "NatBuildInfoString", t->NatBuildInfoString, sizeof(t->NatBuildInfoString));
|
|
t->NatVerInt = PackGetInt(p, "NatVerInt");
|
|
t->NatBuildInt = PackGetInt(p, "NatBuildInt");
|
|
PackGetStr(p, "NatHostName", t->NatHostName, sizeof(t->NatHostName));
|
|
InRpcOsInfo(&t->OsInfo, p);
|
|
InRpcMemInfo(&t->MemInfo, p);
|
|
}
|
|
void OutRpcNatInfo(PACK *p, RPC_NAT_INFO *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddStr(p, "NatProductName", t->NatProductName);
|
|
PackAddStr(p, "NatVersionString", t->NatVersionString);
|
|
PackAddStr(p, "NatBuildInfoString", t->NatBuildInfoString);
|
|
PackAddInt(p, "NatVerInt", t->NatVerInt);
|
|
PackAddInt(p, "NatBuildInt", t->NatBuildInt);
|
|
PackAddStr(p, "NatHostName", t->NatHostName);
|
|
OutRpcOsInfo(p, &t->OsInfo);
|
|
OutRpcMemInfo(p, &t->MemInfo);
|
|
}
|
|
void FreeRpcNatInfo(RPC_NAT_INFO *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
FreeRpcOsInfo(&t->OsInfo);
|
|
}
|
|
|
|
// RPC_NAT_STATUS
|
|
void InRpcNatStatus(RPC_NAT_STATUS *t, PACK *p)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(RPC_NAT_STATUS));
|
|
t->NumTcpSessions = PackGetInt(p, "NumTcpSessions");
|
|
t->NumUdpSessions = PackGetInt(p, "NumUdpSessions");
|
|
t->NumIcmpSessions = PackGetInt(p, "NumIcmpSessions");
|
|
t->NumDnsSessions = PackGetInt(p, "NumDnsSessions");
|
|
t->NumDhcpClients = PackGetInt(p, "NumDhcpClients");
|
|
t->IsKernelMode = PackGetBool(p, "IsKernelMode");
|
|
t->IsRawIpMode = PackGetBool(p, "IsRawIpMode");
|
|
PackGetStr(p, "HubName", t->HubName, sizeof(t->HubName));
|
|
}
|
|
void OutRpcNatStatus(PACK *p, RPC_NAT_STATUS *t)
|
|
{
|
|
// Validate arguments
|
|
if (p == NULL || t == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddStr(p, "HubName", t->HubName);
|
|
PackAddInt(p, "NumTcpSessions", t->NumTcpSessions);
|
|
PackAddInt(p, "NumUdpSessions", t->NumUdpSessions);
|
|
PackAddInt(p, "NumIcmpSessions", t->NumIcmpSessions);
|
|
PackAddInt(p, "NumDnsSessions", t->NumDnsSessions);
|
|
PackAddInt(p, "NumDhcpClients", t->NumDhcpClients);
|
|
PackAddBool(p, "IsKernelMode", t->IsKernelMode);
|
|
PackAddBool(p, "IsRawIpMode", t->IsRawIpMode);
|
|
}
|
|
void FreeRpcNatStatus(RPC_NAT_STATUS *t)
|
|
{
|
|
}
|
|
|
|
// RPC_DUMMY
|
|
void InRpcDummy(RPC_DUMMY *t, PACK *p)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(t, sizeof(RPC_DUMMY));
|
|
t->DummyValue = PackGetInt(p, "DummyValue");
|
|
}
|
|
void OutRpcDummy(PACK *p, RPC_DUMMY *t)
|
|
{
|
|
// Validate arguments
|
|
if (t == NULL || p == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
PackAddInt(p, "DummyValue", t->DummyValue);
|
|
}
|
|
|
|
// Main procedure for management
|
|
void NiAdminMain(NAT *n, SOCK *s)
|
|
{
|
|
RPC *r;
|
|
PACK *p;
|
|
// Validate arguments
|
|
if (n == NULL || s == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
p = NewPack();
|
|
HttpServerSend(s, p);
|
|
FreePack(p);
|
|
|
|
r = StartRpcServer(s, NiRpcServer, n);
|
|
|
|
RpcServer(r);
|
|
|
|
RpcFree(r);
|
|
}
|
|
|
|
// Management thread
|
|
void NiAdminThread(THREAD *thread, void *param)
|
|
{
|
|
NAT_ADMIN *a = (NAT_ADMIN *)param;
|
|
NAT *n;
|
|
SOCK *s;
|
|
UCHAR random[SHA1_SIZE];
|
|
UINT err;
|
|
// Validate arguments
|
|
if (thread == NULL || param == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Random number generation
|
|
Rand(random, sizeof(random));
|
|
|
|
a->Thread = thread;
|
|
AddRef(a->Thread->ref);
|
|
s = a->Sock;
|
|
AddRef(s->ref);
|
|
|
|
n = a->Nat;
|
|
|
|
LockList(n->AdminList);
|
|
{
|
|
Add(n->AdminList, a);
|
|
}
|
|
UnlockList(n->AdminList);
|
|
|
|
NoticeThreadInit(thread);
|
|
|
|
err = ERR_AUTH_FAILED;
|
|
|
|
if (StartSSL(s, n->AdminX, n->AdminK))
|
|
{
|
|
PACK *p;
|
|
|
|
// Send the random number
|
|
p = NewPack();
|
|
PackAddData(p, "auth_random", random, sizeof(random));
|
|
|
|
if (HttpServerSend(s, p))
|
|
{
|
|
PACK *p;
|
|
// Receive a password
|
|
p = HttpServerRecv(s);
|
|
if (p != NULL)
|
|
{
|
|
UCHAR secure_password[SHA1_SIZE];
|
|
UCHAR secure_check[SHA1_SIZE];
|
|
|
|
if (PackGetData2(p, "secure_password", secure_password, sizeof(secure_password)))
|
|
{
|
|
SecurePassword(secure_check, n->HashedPassword, random);
|
|
|
|
if (Cmp(secure_check, secure_password, SHA1_SIZE) == 0)
|
|
{
|
|
UCHAR test[SHA1_SIZE];
|
|
// Password match
|
|
Sha0(test, "", 0);
|
|
SecurePassword(test, test, random);
|
|
|
|
#if 0
|
|
if (Cmp(test, secure_check, SHA1_SIZE) == 0 && s->RemoteIP.addr[0] != 127)
|
|
{
|
|
// A client can not connect from the outside with blank password
|
|
err = ERR_NULL_PASSWORD_LOCAL_ONLY;
|
|
}
|
|
else
|
|
#endif
|
|
|
|
{
|
|
// Successful connection
|
|
err = ERR_NO_ERROR;
|
|
NiAdminMain(n, s);
|
|
}
|
|
}
|
|
}
|
|
|
|
FreePack(p);
|
|
}
|
|
}
|
|
|
|
FreePack(p);
|
|
|
|
if (err != ERR_NO_ERROR)
|
|
{
|
|
p = PackError(err);
|
|
HttpServerSend(s, p);
|
|
FreePack(p);
|
|
}
|
|
}
|
|
|
|
Disconnect(s);
|
|
ReleaseSock(s);
|
|
}
|
|
|
|
// Management port Listen thread
|
|
void NiListenThread(THREAD *thread, void *param)
|
|
{
|
|
NAT *n = (NAT *)param;
|
|
SOCK *a;
|
|
UINT i;
|
|
bool b = false;
|
|
// Validate arguments
|
|
if (thread == NULL || param == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Initialize the management list
|
|
n->AdminList = NewList(NULL);
|
|
|
|
while (true)
|
|
{
|
|
a = Listen(DEFAULT_NAT_ADMIN_PORT);
|
|
if (b == false)
|
|
{
|
|
b = true;
|
|
NoticeThreadInit(thread);
|
|
}
|
|
if (a != NULL)
|
|
{
|
|
break;
|
|
}
|
|
|
|
Wait(n->HaltEvent, NAT_ADMIN_PORT_LISTEN_INTERVAL);
|
|
if (n->Halt)
|
|
{
|
|
return;
|
|
}
|
|
}
|
|
|
|
n->AdminListenSock = a;
|
|
AddRef(a->ref);
|
|
|
|
// Waiting
|
|
while (true)
|
|
{
|
|
SOCK *s = Accept(a);
|
|
THREAD *t;
|
|
NAT_ADMIN *admin;
|
|
if (s == NULL)
|
|
{
|
|
break;
|
|
}
|
|
if (n->Halt)
|
|
{
|
|
ReleaseSock(s);
|
|
break;
|
|
}
|
|
|
|
admin = ZeroMalloc(sizeof(NAT_ADMIN));
|
|
admin->Nat = n;
|
|
admin->Sock = s;
|
|
t = NewThread(NiAdminThread, admin);
|
|
WaitThreadInit(t);
|
|
ReleaseThread(t);
|
|
}
|
|
|
|
// Disconnect all management connections
|
|
LockList(n->AdminList);
|
|
{
|
|
for (i = 0;i < LIST_NUM(n->AdminList);i++)
|
|
{
|
|
NAT_ADMIN *a = LIST_DATA(n->AdminList, i);
|
|
Disconnect(a->Sock);
|
|
WaitThread(a->Thread, INFINITE);
|
|
ReleaseThread(a->Thread);
|
|
ReleaseSock(a->Sock);
|
|
Free(a);
|
|
}
|
|
}
|
|
UnlockList(n->AdminList);
|
|
|
|
ReleaseList(n->AdminList);
|
|
|
|
ReleaseSock(a);
|
|
}
|
|
|
|
// Initialize receiving management command
|
|
void NiInitAdminAccept(NAT *n)
|
|
{
|
|
THREAD *t;
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
t = NewThread(NiListenThread, n);
|
|
WaitThreadInit(t);
|
|
n->AdminAcceptThread = t;
|
|
}
|
|
|
|
// Complete receiving management command
|
|
void NiFreeAdminAccept(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
n->Halt = true;
|
|
Disconnect(n->AdminListenSock);
|
|
Set(n->HaltEvent);
|
|
|
|
while (true)
|
|
{
|
|
if (WaitThread(n->AdminAcceptThread, 1000) == false)
|
|
{
|
|
Disconnect(n->AdminListenSock);
|
|
}
|
|
else
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
ReleaseThread(n->AdminAcceptThread);
|
|
|
|
ReleaseSock(n->AdminListenSock);
|
|
}
|
|
|
|
// Clear the DHCP options that are not supported by the dynamic Virtual HUB
|
|
void NiClearUnsupportedVhOptionForDynamicHub(VH_OPTION *o, bool initial)
|
|
{
|
|
// Validate arguments
|
|
if (o == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
o->UseNat = false;
|
|
|
|
if (initial)
|
|
{
|
|
Zero(&o->DhcpGatewayAddress, sizeof(IP));
|
|
Zero(&o->DhcpDnsServerAddress, sizeof(IP));
|
|
Zero(&o->DhcpDnsServerAddress2, sizeof(IP));
|
|
StrCpy(o->DhcpDomainName, sizeof(o->DhcpDomainName), "");
|
|
}
|
|
}
|
|
|
|
// Initialize the options for the virtual host
|
|
void NiSetDefaultVhOption(NAT *n, VH_OPTION *o)
|
|
{
|
|
// Validate arguments
|
|
if (o == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Zero(o, sizeof(VH_OPTION));
|
|
GenMacAddress(o->MacAddress);
|
|
|
|
// Set the virtual IP to 192.168.30.1/24
|
|
SetIP(&o->Ip, 192, 168, 30, 1);
|
|
SetIP(&o->Mask, 255, 255, 255, 0);
|
|
o->UseNat = true;
|
|
o->Mtu = 1500;
|
|
o->NatTcpTimeout = 1800;
|
|
o->NatUdpTimeout = 60;
|
|
o->UseDhcp = true;
|
|
SetIP(&o->DhcpLeaseIPStart, 192, 168, 30, 10);
|
|
SetIP(&o->DhcpLeaseIPEnd, 192, 168, 30, 200);
|
|
SetIP(&o->DhcpSubnetMask, 255, 255, 255, 0);
|
|
o->DhcpExpireTimeSpan = 7200;
|
|
o->SaveLog = true;
|
|
|
|
SetIP(&o->DhcpGatewayAddress, 192, 168, 30, 1);
|
|
SetIP(&o->DhcpDnsServerAddress, 192, 168, 30, 1);
|
|
|
|
GetDomainName(o->DhcpDomainName, sizeof(o->DhcpDomainName));
|
|
}
|
|
|
|
// Reset the setting of NAT to the default
|
|
void NiInitDefaultConfig(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Initialize the virtual host option
|
|
NiSetDefaultVhOption(n, &n->Option);
|
|
|
|
// Initialize management port
|
|
n->AdminPort = DEFAULT_NAT_ADMIN_PORT;
|
|
|
|
// Offline
|
|
n->Online = false;
|
|
|
|
// Save the log
|
|
n->Option.SaveLog = true;
|
|
}
|
|
|
|
// Initialize the NAT configuration
|
|
void NiInitConfig(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Initial state
|
|
NiInitDefaultConfig(n);
|
|
}
|
|
|
|
// Read the virtual host option (extended)
|
|
void NiLoadVhOptionEx(VH_OPTION *o, FOLDER *root)
|
|
{
|
|
FOLDER *host, *nat, *dhcp;
|
|
char mac_address[MAX_SIZE];
|
|
// Validate arguments
|
|
if (o == NULL || root == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
host = CfgGetFolder(root, "VirtualHost");
|
|
nat = CfgGetFolder(root, "VirtualRouter");
|
|
dhcp = CfgGetFolder(root, "VirtualDhcpServer");
|
|
|
|
Zero(o, sizeof(VH_OPTION));
|
|
|
|
GenMacAddress(o->MacAddress);
|
|
if (CfgGetStr(host, "VirtualHostMacAddress", mac_address, sizeof(mac_address)))
|
|
{
|
|
BUF *b = StrToBin(mac_address);
|
|
if (b != NULL)
|
|
{
|
|
if (b->Size == 6)
|
|
{
|
|
Copy(o->MacAddress, b->Buf, 6);
|
|
}
|
|
}
|
|
FreeBuf(b);
|
|
}
|
|
CfgGetIp(host, "VirtualHostIp", &o->Ip);
|
|
CfgGetIp(host, "VirtualHostIpSubnetMask", &o->Mask);
|
|
|
|
o->UseNat = CfgGetBool(nat, "NatEnabled");
|
|
o->Mtu = CfgGetInt(nat, "NatMtu");
|
|
o->NatTcpTimeout = CfgGetInt(nat, "NatTcpTimeout");
|
|
o->NatUdpTimeout = CfgGetInt(nat, "NatUdpTimeout");
|
|
|
|
o->UseDhcp = CfgGetBool(dhcp, "DhcpEnabled");
|
|
CfgGetIp(dhcp, "DhcpLeaseIPStart", &o->DhcpLeaseIPStart);
|
|
CfgGetIp(dhcp, "DhcpLeaseIPEnd", &o->DhcpLeaseIPEnd);
|
|
CfgGetIp(dhcp, "DhcpSubnetMask", &o->DhcpSubnetMask);
|
|
o->DhcpExpireTimeSpan = CfgGetInt(dhcp, "DhcpExpireTimeSpan");
|
|
CfgGetIp(dhcp, "DhcpGatewayAddress", &o->DhcpGatewayAddress);
|
|
CfgGetIp(dhcp, "DhcpDnsServerAddress", &o->DhcpDnsServerAddress);
|
|
CfgGetIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
|
|
CfgGetStr(dhcp, "DhcpDomainName", o->DhcpDomainName, sizeof(o->DhcpDomainName));
|
|
|
|
CfgGetStr(dhcp, "DhcpPushRoutes", o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes));
|
|
|
|
// Test code
|
|
// StrCpy(o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes),
|
|
// "130.158.6.0/24/192.168.9.2 130.158.80.244/255.255.255.255/192.168.9.2");
|
|
|
|
NormalizeClasslessRouteTableStr(o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes), o->DhcpPushRoutes);
|
|
o->ApplyDhcpPushRoutes = true;
|
|
|
|
Trim(o->DhcpDomainName);
|
|
if (StrLen(o->DhcpDomainName) == 0)
|
|
{
|
|
//GetDomainName(o->DhcpDomainName, sizeof(o->DhcpDomainName));
|
|
}
|
|
|
|
o->SaveLog = CfgGetBool(root, "SaveLog");
|
|
}
|
|
|
|
// Read the virtual host option
|
|
void NiLoadVhOption(NAT *n, FOLDER *root)
|
|
{
|
|
VH_OPTION *o;
|
|
FOLDER *host, *nat, *dhcp;
|
|
char mac_address[MAX_SIZE];
|
|
// Validate arguments
|
|
if (n == NULL || root == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
host = CfgGetFolder(root, "VirtualHost");
|
|
nat = CfgGetFolder(root, "VirtualRouter");
|
|
dhcp = CfgGetFolder(root, "VirtualDhcpServer");
|
|
|
|
o = &n->Option;
|
|
Zero(o, sizeof(VH_OPTION));
|
|
|
|
GenMacAddress(o->MacAddress);
|
|
if (CfgGetStr(host, "VirtualHostMacAddress", mac_address, sizeof(mac_address)))
|
|
{
|
|
BUF *b = StrToBin(mac_address);
|
|
if (b != NULL)
|
|
{
|
|
if (b->Size == 6)
|
|
{
|
|
Copy(o->MacAddress, b->Buf, 6);
|
|
}
|
|
}
|
|
FreeBuf(b);
|
|
}
|
|
CfgGetIp(host, "VirtualHostIp", &o->Ip);
|
|
CfgGetIp(host, "VirtualHostIpSubnetMask", &o->Mask);
|
|
|
|
o->UseNat = CfgGetBool(nat, "NatEnabled");
|
|
o->Mtu = CfgGetInt(nat, "NatMtu");
|
|
o->NatTcpTimeout = CfgGetInt(nat, "NatTcpTimeout");
|
|
o->NatUdpTimeout = CfgGetInt(nat, "NatUdpTimeout");
|
|
|
|
o->UseDhcp = CfgGetBool(dhcp, "DhcpEnabled");
|
|
CfgGetIp(dhcp, "DhcpLeaseIPStart", &o->DhcpLeaseIPStart);
|
|
CfgGetIp(dhcp, "DhcpLeaseIPEnd", &o->DhcpLeaseIPEnd);
|
|
CfgGetIp(dhcp, "DhcpSubnetMask", &o->DhcpSubnetMask);
|
|
o->DhcpExpireTimeSpan = CfgGetInt(dhcp, "DhcpExpireTimeSpan");
|
|
CfgGetIp(dhcp, "DhcpGatewayAddress", &o->DhcpGatewayAddress);
|
|
CfgGetIp(dhcp, "DhcpDnsServerAddress", &o->DhcpDnsServerAddress);
|
|
CfgGetIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
|
|
CfgGetStr(dhcp, "DhcpDomainName", o->DhcpDomainName, sizeof(o->DhcpDomainName));
|
|
|
|
o->SaveLog = CfgGetBool(root, "SaveLog");
|
|
}
|
|
|
|
// Read connection options from the VPN server
|
|
void NiLoadClientData(NAT *n, FOLDER *root)
|
|
{
|
|
FOLDER *co, *ca;
|
|
// Validate arguments
|
|
if (n == NULL || root == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
co = CfgGetFolder(root, "VpnClientOption");
|
|
ca = CfgGetFolder(root, "VpnClientAuth");
|
|
if (co == NULL || ca == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
n->ClientOption = CiLoadClientOption(co);
|
|
n->ClientAuth = CiLoadClientAuth(ca);
|
|
}
|
|
|
|
// Write connection options to the VPN server
|
|
void NiWriteClientData(NAT *n, FOLDER *root)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL || root == NULL || n->ClientOption == NULL || n->ClientAuth == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
CiWriteClientOption(CfgCreateFolder(root, "VpnClientOption"), n->ClientOption);
|
|
CiWriteClientAuth(CfgCreateFolder(root, "VpnClientAuth"), n->ClientAuth);
|
|
}
|
|
|
|
// Write the virtual host option (extended)
|
|
void NiWriteVhOptionEx(VH_OPTION *o, FOLDER *root)
|
|
{
|
|
FOLDER *host, *nat, *dhcp;
|
|
char mac_address[MAX_SIZE];
|
|
// Validate arguments
|
|
if (o == NULL || root == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
host = CfgCreateFolder(root, "VirtualHost");
|
|
nat = CfgCreateFolder(root, "VirtualRouter");
|
|
dhcp = CfgCreateFolder(root, "VirtualDhcpServer");
|
|
|
|
MacToStr(mac_address, sizeof(mac_address), o->MacAddress);
|
|
CfgAddStr(host, "VirtualHostMacAddress", mac_address);
|
|
CfgAddIp(host, "VirtualHostIp", &o->Ip);
|
|
CfgAddIp(host, "VirtualHostIpSubnetMask", &o->Mask);
|
|
|
|
CfgAddBool(nat, "NatEnabled", o->UseNat);
|
|
CfgAddInt(nat, "NatMtu", o->Mtu);
|
|
CfgAddInt(nat, "NatTcpTimeout", o->NatTcpTimeout);
|
|
CfgAddInt(nat, "NatUdpTimeout", o->NatUdpTimeout);
|
|
|
|
CfgAddBool(dhcp, "DhcpEnabled", o->UseDhcp);
|
|
CfgAddIp(dhcp, "DhcpLeaseIPStart", &o->DhcpLeaseIPStart);
|
|
CfgAddIp(dhcp, "DhcpLeaseIPEnd", &o->DhcpLeaseIPEnd);
|
|
CfgAddIp(dhcp, "DhcpSubnetMask", &o->DhcpSubnetMask);
|
|
CfgAddInt(dhcp, "DhcpExpireTimeSpan", o->DhcpExpireTimeSpan);
|
|
CfgAddIp(dhcp, "DhcpGatewayAddress", &o->DhcpGatewayAddress);
|
|
CfgAddIp(dhcp, "DhcpDnsServerAddress", &o->DhcpDnsServerAddress);
|
|
CfgAddIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
|
|
CfgAddStr(dhcp, "DhcpDomainName", o->DhcpDomainName);
|
|
CfgAddStr(dhcp, "DhcpPushRoutes", o->DhcpPushRoutes);
|
|
|
|
CfgAddBool(root, "SaveLog", o->SaveLog);
|
|
}
|
|
|
|
// Write the virtual host option
|
|
void NiWriteVhOption(NAT *n, FOLDER *root)
|
|
{
|
|
VH_OPTION *o;
|
|
FOLDER *host, *nat, *dhcp;
|
|
char mac_address[MAX_SIZE];
|
|
// Validate arguments
|
|
if (n == NULL || root == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
host = CfgCreateFolder(root, "VirtualHost");
|
|
nat = CfgCreateFolder(root, "VirtualRouter");
|
|
dhcp = CfgCreateFolder(root, "VirtualDhcpServer");
|
|
|
|
o = &n->Option;
|
|
|
|
MacToStr(mac_address, sizeof(mac_address), o->MacAddress);
|
|
CfgAddStr(host, "VirtualHostMacAddress", mac_address);
|
|
CfgAddIp(host, "VirtualHostIp", &o->Ip);
|
|
CfgAddIp(host, "VirtualHostIpSubnetMask", &o->Mask);
|
|
|
|
CfgAddBool(nat, "NatEnabled", o->UseNat);
|
|
CfgAddInt(nat, "NatMtu", o->Mtu);
|
|
CfgAddInt(nat, "NatTcpTimeout", o->NatTcpTimeout);
|
|
CfgAddInt(nat, "NatUdpTimeout", o->NatUdpTimeout);
|
|
|
|
CfgAddBool(dhcp, "DhcpEnabled", o->UseDhcp);
|
|
CfgAddIp(dhcp, "DhcpLeaseIPStart", &o->DhcpLeaseIPStart);
|
|
CfgAddIp(dhcp, "DhcpLeaseIPEnd", &o->DhcpLeaseIPEnd);
|
|
CfgAddIp(dhcp, "DhcpSubnetMask", &o->DhcpSubnetMask);
|
|
CfgAddInt(dhcp, "DhcpExpireTimeSpan", o->DhcpExpireTimeSpan);
|
|
CfgAddIp(dhcp, "DhcpGatewayAddress", &o->DhcpGatewayAddress);
|
|
CfgAddIp(dhcp, "DhcpDnsServerAddress", &o->DhcpDnsServerAddress);
|
|
CfgAddIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
|
|
CfgAddStr(dhcp, "DhcpDomainName", o->DhcpDomainName);
|
|
|
|
CfgAddBool(root, "SaveLog", o->SaveLog);
|
|
}
|
|
|
|
// Read the configuration file
|
|
bool NiLoadConfig(NAT *n, FOLDER *root)
|
|
{
|
|
FOLDER *host;
|
|
BUF *b;
|
|
// Validate arguments
|
|
if (n == NULL || root == NULL)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
host = CfgGetFolder(root, "VirtualHost");
|
|
if (host == NULL)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
CfgGetByte(root, "HashedPassword", n->HashedPassword, sizeof(n->HashedPassword));
|
|
n->AdminPort = CfgGetInt(root, "AdminPort");
|
|
n->Online = CfgGetBool(root, "Online");
|
|
|
|
b = CfgGetBuf(root, "AdminCert");
|
|
if (b != NULL)
|
|
{
|
|
n->AdminX = BufToX(b, false);
|
|
FreeBuf(b);
|
|
}
|
|
|
|
b = CfgGetBuf(root, "AdminKey");
|
|
if (b != NULL)
|
|
{
|
|
n->AdminK = BufToK(b, true, false, NULL);
|
|
FreeBuf(b);
|
|
}
|
|
|
|
NiLoadVhOption(n, root);
|
|
|
|
NiLoadClientData(n, root);
|
|
|
|
return true;
|
|
}
|
|
|
|
// Write the configuration to a file
|
|
void NiWriteConfig(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
Lock(n->lock);
|
|
{
|
|
FOLDER *root = CfgCreateFolder(NULL, TAG_ROOT);
|
|
BUF *b;
|
|
|
|
// Certificate
|
|
b = XToBuf(n->AdminX, false);
|
|
CfgAddBuf(root, "AdminCert", b);
|
|
FreeBuf(b);
|
|
|
|
// Secret key
|
|
b = KToBuf(n->AdminK, false, NULL);
|
|
CfgAddBuf(root, "AdminKey", b);
|
|
FreeBuf(b);
|
|
|
|
// Password
|
|
CfgAddByte(root, "HashedPassword", n->HashedPassword, sizeof(n->HashedPassword));
|
|
CfgAddInt(root, "AdminPort", n->AdminPort);
|
|
CfgAddBool(root, "Online", n->Online);
|
|
|
|
// Virtual host option
|
|
NiWriteVhOption(n, root);
|
|
|
|
// Connection options
|
|
if (n->ClientOption != NULL && n->ClientAuth != NULL)
|
|
{
|
|
NiWriteClientData(n, root);
|
|
}
|
|
|
|
SaveCfgRw(n->CfgRw, root);
|
|
CfgDeleteFolder(root);
|
|
}
|
|
Unlock(n->lock);
|
|
}
|
|
|
|
// Release the NAT configuration
|
|
void NiFreeConfig(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Write the latest configuration
|
|
NiWriteConfig(n);
|
|
|
|
// Release the configuration R/W
|
|
FreeCfgRw(n->CfgRw);
|
|
n->CfgRw = NULL;
|
|
|
|
Free(n->ClientOption);
|
|
CiFreeClientAuth(n->ClientAuth);
|
|
|
|
FreeX(n->AdminX);
|
|
FreeK(n->AdminK);
|
|
}
|
|
|
|
// Create a NAT
|
|
NAT *NiNewNatEx(SNAT *snat, VH_OPTION *o)
|
|
{
|
|
NAT *n = ZeroMalloc(sizeof(NAT));
|
|
|
|
n->lock = NewLock();
|
|
Sha0(n->HashedPassword, "", 0);
|
|
n->HaltEvent = NewEvent();
|
|
|
|
//n->Cedar = NewCedar(NULL, NULL);
|
|
|
|
n->SecureNAT = snat;
|
|
|
|
// Raise the priority
|
|
//OSSetHighPriority();
|
|
|
|
// Initialize the settings
|
|
NiInitConfig(n);
|
|
|
|
#if 0
|
|
// Start the operation of the virtual host
|
|
if (n->Online && n->ClientOption != NULL)
|
|
{
|
|
n->Virtual = NewVirtualHostEx(n->Cedar, n->ClientOption, n->ClientAuth, &n->Option, n);
|
|
}
|
|
else
|
|
{
|
|
n->Online = false;
|
|
n->Virtual = NULL;
|
|
}
|
|
#else
|
|
n->Virtual = NewVirtualHostEx(n->Cedar, NULL, NULL, o, n);
|
|
n->Online = true;
|
|
#endif
|
|
|
|
// Start management command
|
|
//NiInitAdminAccept(n);
|
|
|
|
return n;
|
|
}
|
|
NAT *NiNewNat()
|
|
{
|
|
return NiNewNatEx(NULL, NULL);
|
|
}
|
|
|
|
// Release the NAT
|
|
void NiFreeNat(NAT *n)
|
|
{
|
|
// Validate arguments
|
|
if (n == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// Complete management command
|
|
//NiFreeAdminAccept(n);
|
|
|
|
// Stop if the virtual host is running
|
|
Lock(n->lock);
|
|
{
|
|
if (n->Virtual != NULL)
|
|
{
|
|
StopVirtualHost(n->Virtual);
|
|
ReleaseVirtual(n->Virtual);
|
|
n->Virtual = NULL;
|
|
}
|
|
}
|
|
Unlock(n->lock);
|
|
|
|
// Release the settings
|
|
NiFreeConfig(n);
|
|
|
|
// Delete the object
|
|
ReleaseCedar(n->Cedar);
|
|
ReleaseEvent(n->HaltEvent);
|
|
DeleteLock(n->lock);
|
|
|
|
Free(n);
|
|
}
|
|
|
|
// Stop the NAT
|
|
void NtStopNat()
|
|
{
|
|
Lock(nat_lock);
|
|
{
|
|
if (nat != NULL)
|
|
{
|
|
NiFreeNat(nat);
|
|
nat = NULL;
|
|
}
|
|
}
|
|
Unlock(nat_lock);
|
|
}
|
|
|
|
// Start the NAT
|
|
void NtStartNat()
|
|
{
|
|
Lock(nat_lock);
|
|
{
|
|
if (nat == NULL)
|
|
{
|
|
nat = NiNewNat();
|
|
}
|
|
}
|
|
Unlock(nat_lock);
|
|
}
|
|
|
|
// Initialize the NtXxx function
|
|
void NtInit()
|
|
{
|
|
if (nat_lock != NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
nat_lock = NewLock();
|
|
}
|
|
|
|
// Release the NtXxx function
|
|
void NtFree()
|
|
{
|
|
if (nat_lock == NULL)
|
|
{
|
|
return;
|
|
}
|
|
|
|
DeleteLock(nat_lock);
|
|
nat_lock = NULL;
|
|
}
|
|
|