// Is the PCD driver supported in current OS bool IsPcdSupported() { UINT type; OS_INFO *info = GetOsInfo(); if (MsIsWindows10()) { // Windows 10 or later never supports PCD driver. return false; } type = info->OsType; if (OS_IS_WINDOWS_NT(type) == false) { // Only on Windows NT series return false; } if (GET_KETA(type, 100) >= 2) { // Good for Windows 2000 or later return true; } // Not good for Windows NT 4.0 or Longhorn return false; }
// Unload the drivers hive bool SuUnloadDriversHive() { // todo: always failed. if (MsIsWindows10() == false) { return false; } return MsRegUnloadHive(REG_LOCAL_MACHINE, L"DRIVERS"); }
// Get whether the current OS is supported by SeLow bool SuIsSupportedOs(bool on_install) { if (MsRegReadIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "EnableSeLow", false, true) != 0) { // Force enable return true; } if (MsRegReadIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "DisableSeLow", false, true) != 0) { // Force disable return false; } if (MsIsWindows10()) { // Windows 10 or later are always supported. return true; } if (on_install) { // If Microsoft Routing and Remote Access service is running, // then return false. if (MsIsServiceRunning("RemoteAccess")) { return false; } } // If the Su driver is currently running, // then return true. if (MsIsServiceRunning(SL_PROTOCOL_NAME)) { return true; } // Currently Windows 8.1 or later are supported if (MsIsWindows81() == false) { return false; } if (on_install == false) { // If Microsoft Routing and Remote Access service is running, // then return false. if (MsIsServiceRunning("RemoteAccess")) { return false; } } return true; }
// Load the drivers hive bool SuLoadDriversHive() { wchar_t config_dir[MAX_PATH]; wchar_t filename[MAX_PATH]; if (MsIsWindows10() == false) { return false; } MsEnablePrivilege(SE_RESTORE_NAME, true); MsEnablePrivilege(SE_BACKUP_NAME, true); CombinePathW(config_dir, sizeof(config_dir), MsGetSystem32DirW(), L"config"); CombinePathW(filename, sizeof(filename), config_dir, L"DRIVERS"); return MsRegLoadHive(REG_LOCAL_MACHINE, L"DRIVERS", filename); }
SU *SuInitEx(UINT wait_for_bind_complete_tick) { void *h; SU *u; UINT read_size; bool flag = false; UINT64 giveup_tick = 0; static bool flag2 = false; // flag2 must be global if (SuIsSupportedOs(false) == false) { // Unsupported OS return NULL; } LABEL_RETRY: // Open the device driver h = CreateFileA(SL_BASIC_DEVICE_FILENAME_WIN32, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); if (h == INVALID_HANDLE_VALUE) { Debug("CreateFileA(%s) Failed.\n", SL_BASIC_DEVICE_FILENAME_WIN32); // Start the service if it fails to start the device driver if (flag == false) { if (MsStartService(SL_PROTOCOL_NAME) == false) { Debug("MsStartService(%s) Failed.\n", SL_PROTOCOL_NAME); if (MsIsWindows10()) { if (flag2 == false) { flag2 = true; if (SuInstallDriver(true)) { goto LABEL_RETRY; } } } } else { Debug("MsStartService(%s) Ok.\n", SL_PROTOCOL_NAME); flag = true; goto LABEL_RETRY; } } return NULL; } //Debug("CreateFileA(%s) Ok.\n", SL_BASIC_DEVICE_FILENAME_WIN32); u = ZeroMalloc(sizeof(SU)); giveup_tick = Tick64() + (UINT64)wait_for_bind_complete_tick; if (wait_for_bind_complete_tick == 0) { if (ReadFile(h, &u->AdapterInfoList, sizeof(u->AdapterInfoList), &read_size, NULL) == false || u->AdapterInfoList.Signature != SL_SIGNATURE) { // Signature reception failure Debug("Bad Signature.\n"); Free(u); CloseHandle(h); return NULL; } } else { while (giveup_tick >= Tick64()) { // Wait until the enumeration is completed if (ReadFile(h, &u->AdapterInfoList, sizeof(u->AdapterInfoList), &read_size, NULL) == false || u->AdapterInfoList.Signature != SL_SIGNATURE) { // Signature reception failure Debug("Bad Signature.\n"); Free(u); CloseHandle(h); return NULL; } if (u->AdapterInfoList.EnumCompleted) { // Complete enumeration Debug("Bind Completed! %u\n", u->AdapterInfoList.EnumCompleted); break; } // Incomplete enumeration Debug("Waiting for Bind Complete.\n"); SleepThread(25); } } u->hFile = h; return u; }
bool SuInstallDriverInner(bool force) { wchar_t sys_fullpath[MAX_PATH]; UINT current_sl_ver = 0; bool ret = false; wchar_t src_cat[MAX_PATH]; wchar_t src_inf[MAX_PATH]; wchar_t src_sys[MAX_PATH]; wchar_t dst_cat[MAX_PATH]; wchar_t dst_inf[MAX_PATH]; wchar_t dst_sys[MAX_PATH]; wchar_t tmp_dir[MAX_PATH]; char *cpu_type = MsIsX64() ? "x64" : "x86"; if (SuIsSupportedOs(true) == false) { // Unsupported OS return false; } CombinePathW(tmp_dir, sizeof(tmp_dir), MsGetWindowsDirW(), L"Temp"); MakeDirExW(tmp_dir); UniStrCat(tmp_dir, sizeof(tmp_dir), L"\\selowtmp"); MakeDirExW(tmp_dir); // Confirm whether the driver is currently installed CombinePathW(sys_fullpath, sizeof(sys_fullpath), MsGetSystem32DirW(), L"drivers\\SeLow_%S.sys"); UniFormat(sys_fullpath, sizeof(sys_fullpath), sys_fullpath, cpu_type); if (IsFileExistsW(sys_fullpath)) { char *path; // Read the current version from the registry current_sl_ver = MsRegReadIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, (MsIsWindows10() ? SL_REG_VER_VALUE_WIN10 : SL_REG_VER_VALUE), false, true); path = MsRegReadStrEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "ImagePath", false, true); if (IsEmptyStr(path) || IsFileExists(path) == false || MsIsServiceInstalled(SL_PROTOCOL_NAME) == false) { current_sl_ver = 0; } Free(path); } if (force == false && current_sl_ver >= SL_VER) { // Newer version has already been installed Debug("Newer SeLow is Installed. %u >= %u\n", current_sl_ver, SL_VER); return true; } // Copy necessary files to a temporary directory UniFormat(src_sys, sizeof(src_sys), L"|DriverPackages\\%S\\%S\\SeLow_%S.sys", (MsIsWindows10() ? "SeLow_Win10" : "SeLow_Win8"), cpu_type, cpu_type); if (MsIsWindows8() == false) { // Windows Vista and Windows 7 uses SHA-1 catalog files UniFormat(src_cat, sizeof(src_cat), L"|DriverPackages\\SeLow_Win8\\%S\\inf.cat", cpu_type); } else { // Windows 8 or above uses SHA-256 catalog files UniFormat(src_cat, sizeof(src_cat), L"|DriverPackages\\SeLow_Win8\\%S\\inf2.cat", cpu_type); if (MsIsWindows10()) { // Windows 10 uses WHQL catalog files UniFormat(src_cat, sizeof(src_cat), L"|DriverPackages\\SeLow_Win10\\%S\\SeLow_Win10_%S.cat", cpu_type, cpu_type); } } UniFormat(src_inf, sizeof(src_inf), L"|DriverPackages\\%S\\%S\\SeLow_%S.inf", (MsIsWindows10() ? "SeLow_Win10" : "SeLow_Win8"), cpu_type, cpu_type); UniFormat(dst_sys, sizeof(dst_cat), L"%s\\SeLow_%S.sys", tmp_dir, cpu_type); UniFormat(dst_cat, sizeof(dst_cat), L"%s\\SeLow_%S_%S.cat", tmp_dir, (MsIsWindows10() ? "Win10" : "Win8"), cpu_type); UniFormat(dst_inf, sizeof(dst_inf), L"%s\\SeLow_%S.inf", tmp_dir, cpu_type); if (FileCopyW(src_sys, dst_sys) && FileCopyW(src_cat, dst_cat) && FileCopyW(src_inf, dst_inf)) { NO_WARNING *nw; nw = MsInitNoWarningEx(SL_USER_AUTO_PUSH_TIMER); if (MsIsWindows10()) { if (MsIsServiceInstalled(SL_PROTOCOL_NAME) == false && MsIsServiceRunning(SL_PROTOCOL_NAME) == false) { // On Windows 10, if there are no SwLow service installed, then uinstall the protocol driver first. // TODO: currently do nothing. On some versions of Windows 10 beta builds it is necessary to do something... } } if (MsIsWindows10()) { // Delete garbage INFs SuDeleteGarbageInfs(); } // Call the installer if (InstallNdisProtocolDriver(dst_inf, L"SeLow", SL_USER_INSTALL_LOCK_TIMEOUT) == false) { Debug("InstallNdisProtocolDriver Error.\n"); } else { Debug("InstallNdisProtocolDriver Ok.\n"); // Copy manually because there are cases where .sys file is not copied successfully for some reason FileCopyW(src_sys, sys_fullpath); ret = true; // Write the version number into the registry MsRegWriteIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, (MsIsWindows10() ? SL_REG_VER_VALUE_WIN10 : SL_REG_VER_VALUE), SL_VER, false, true); // Set to automatic startup MsRegWriteIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "Start", SERVICE_SYSTEM_START, false, true); } MsFreeNoWarning(nw); } else { Debug("Fail Copying Files.\n"); } if (ret) { // If the service is installed this time, start and wait until the enumeration is completed SuFree(SuInitEx(180 * 1000)); } return ret; }
void SuDeleteGarbageInfsInner() { char *base_key_name = "DRIVERS\\DriverDatabase\\DriverPackages"; TOKEN_LIST *keys; HINSTANCE hSetupApiDll = NULL; BOOL (WINAPI *_SetupUninstallOEMInfA)(PCSTR, DWORD, PVOID) = NULL; if (MsIsWindows10() == false) { return; } hSetupApiDll = LoadLibraryA("setupapi.dll"); if (hSetupApiDll == NULL) { return; } _SetupUninstallOEMInfA = (UINT (__stdcall *)(PCSTR,DWORD,PVOID)) GetProcAddress(hSetupApiDll, "SetupUninstallOEMInfA"); if (_SetupUninstallOEMInfA != NULL) { keys = MsRegEnumKeyEx2(REG_LOCAL_MACHINE, base_key_name, false, true); if (keys != NULL) { char full_key[MAX_PATH]; UINT i; for (i = 0; i < keys->NumTokens; i++) { char *oem_name, *inf_name, *provider; Format(full_key, sizeof(full_key), "%s\\%s", base_key_name, keys->Token[i]); oem_name = MsRegReadStrEx2(REG_LOCAL_MACHINE, full_key, "", false, true); inf_name = MsRegReadStrEx2(REG_LOCAL_MACHINE, full_key, "InfName", false, true); provider = MsRegReadStrEx2(REG_LOCAL_MACHINE, full_key, "Provider", false, true); if (IsEmptyStr(oem_name) == false && IsEmptyStr(inf_name) == false) { if (StartWith(oem_name, "oem")) { if (StartWith(inf_name, "selow")) { if (InStr(provider, "softether")) { Debug("Delete OEM INF %s (%s): %u\n", oem_name, inf_name, _SetupUninstallOEMInfA(oem_name, 0x00000001, NULL)); } } } } Free(oem_name); Free(inf_name); Free(provider); } FreeToken(keys); } } if (hSetupApiDll != NULL) { FreeLibrary(hSetupApiDll); } }
// Get the build number of the current driver UINT GetCurrentIPsecWin7DriverBuild() { return MsRegReadInt(REG_LOCAL_MACHINE, IPSEC_WIN7_DRIVER_REGKEY, (MsIsWindows10() ? IPSEC_WIN7_DRIVER_BUILDNUMBER_WIN10 : IPSEC_WIN7_DRIVER_BUILDNUMBER)); }
// Write the build number of the current driver void SetCurrentIPsecWin7DriverBuild() { MsRegWriteInt(REG_LOCAL_MACHINE, IPSEC_WIN7_DRIVER_REGKEY, (MsIsWindows10() ? IPSEC_WIN7_DRIVER_BUILDNUMBER_WIN10 : IPSEC_WIN7_DRIVER_BUILDNUMBER), CEDAR_BUILD); }
bool IPsecWin7InitDriverInner() { char sys_filename[MAX_PATH]; bool install_driver = true; HANDLE hEngine; UINT ret; FWPM_SESSION0 session; UINT id; FWPM_CALLOUT0 callout; Format(sys_filename, sizeof(sys_filename), IPSEC_WIN7_DST_SYS, MsGetSystem32Dir()); if (IsFileExists(sys_filename) && MsIsServiceInstalled(IPSEC_WIN7_DRIVER_NAME)) { if (GetCurrentIPsecWin7DriverBuild() >= CEDAR_BUILD) { // Not to install since the latest version has been already installed install_driver = false; } } if (install_driver) { char src_filename[MAX_PATH]; if (MsIsWindows10() == false) { Format(src_filename, sizeof(src_filename), "|DriverPackages\\Wfp\\%s\\pxwfp_%s.sys", (MsIsX64() ? "x64" : "x86"), (MsIsX64() ? "x64" : "x86")); } else { Format(src_filename, sizeof(src_filename), "|DriverPackages\\Wfp_Win10\\%s\\pxwfp_%s.sys", (MsIsX64() ? "x64" : "x86"), (MsIsX64() ? "x64" : "x86")); } // Copy the driver if (FileCopy(src_filename, sys_filename) == false) { Debug("%s copy failed. %u\n", sys_filename, GetLastError()); if (IsFileExists(sys_filename) == false) { Debug("%s failed. Abort.\n", sys_filename); return false; } } else { Debug("%s copied.\n", sys_filename); } // Set the build number SetCurrentIPsecWin7DriverBuild(); } // Get whether the device drivers is already installed if (MsIsServiceInstalled(IPSEC_WIN7_DRIVER_NAME) == false) { wchar_t sys_filename_w[MAX_PATH]; StrToUni(sys_filename_w, sizeof(sys_filename_w), sys_filename); // Run a new installation if (MsInstallDeviceDriverW(IPSEC_WIN7_DRIVER_NAME, IPSEC_WIN7_DRIVER_TITLE, sys_filename_w, NULL) == false) { // Installation failed Debug("MsInstallDeviceDriverW failed.\n"); return false; } } // Start if the device driver is stopped if (MsIsServiceRunning(IPSEC_WIN7_DRIVER_NAME) == false) { if (MsStartService(IPSEC_WIN7_DRIVER_NAME) == false) { // Start failure Debug("MsStartService failed.\n"); return false; } Debug("%s service started.\n", IPSEC_WIN7_DRIVER_NAME); } else { Debug("%s service was already started.\n", IPSEC_WIN7_DRIVER_NAME); } // Open the WFP Zero(&session, sizeof(session)); ret = api->FwpmEngineOpen0(NULL, RPC_C_AUTHN_DEFAULT, NULL, &session, &hEngine); if (ret) { Debug("FwpmEngineOpen0 failed.\n"); return false; } // Create the Callout Driver (IPv4) Zero(&callout, sizeof(callout)); callout.calloutKey = GUID_WFP_CALLOUT_DRIVER_V4; callout.applicableLayer = FWPM_LAYER_INBOUND_IPPACKET_V4; callout.displayData.name = IPSEC_WIN7_DRIVER_TITLE_V4; ret = api->FwpmCalloutAdd0(hEngine, &callout, NULL, &id); if (ret) { Debug("FwpmCalloutAdd0 for IPv4 Failed: 0x%X\n", ret); } else { Debug("FwpmCalloutAdd0 for IPv4 Ok.\n"); } // Create the Callout Driver (IPv6) Zero(&callout, sizeof(callout)); callout.calloutKey = GUID_WFP_CALLOUT_DRIVER_V6; callout.applicableLayer = FWPM_LAYER_INBOUND_IPPACKET_V6; callout.displayData.name = IPSEC_WIN7_DRIVER_TITLE_V6; ret = api->FwpmCalloutAdd0(hEngine, &callout, NULL, &id); if (ret) { Debug("FwpmCalloutAdd0 for IPv6 Failed: 0x%X\n", ret); } else { Debug("FwpmCalloutAdd0 for IPv6 Ok.\n"); } api->FwpmEngineClose0(hEngine); return true; }