diff --git a/src/driver/common/fortconf.c b/src/driver/common/fortconf.c index 0efb3dc1..2ffe18ee 100644 --- a/src/driver/common/fortconf.c +++ b/src/driver/common/fortconf.c @@ -317,30 +317,3 @@ FORT_API BOOL fort_conf_app_group_blocked(const FORT_CONF_FLAGS conf_flags, FORT return conf_flags.group_blocked; } - -FORT_API PCWSTR fort_conf_service_sid_name_find( - PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes) -{ - if (service_sids == NULL) - return NULL; - - const char *data = service_sids->data; - const int services_n = service_sids->services_n; - - const int sid_index = fort_conf_blob_index(data, sidBytes, FORT_SERVICE_SID_SIZE, services_n); - if (sid_index < 0) - return NULL; - - const UINT16 name_index = - ((UINT16 *) (data + FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n)))[sid_index]; - - const UINT32 name_off = - ((UINT32 *) (data + FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n)))[name_index]; - - const int names_n = service_sids->names_n; - const char *names_data = data + FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n); - - PCWSTR name = (PCWSTR) (names_data + name_off); - - return name; -} diff --git a/src/driver/common/fortconf.h b/src/driver/common/fortconf.h index 8423a41f..98ea74b5 100644 --- a/src/driver/common/fortconf.h +++ b/src/driver/common/fortconf.h @@ -77,35 +77,6 @@ typedef struct fort_service_info_list #define FORT_SERVICE_INFO_LIST_MIN_SIZE \ (FORT_SERVICE_INFO_LIST_DATA_OFF + FORT_SERVICE_INFO_MAX_SIZE) -typedef struct fort_service_sid_list -{ - UINT16 services_n; - UINT16 names_n; - - char data[1]; -} FORT_SERVICE_SID_LIST, *PFORT_SERVICE_SID_LIST; - -typedef const FORT_SERVICE_SID_LIST *PCFORT_SERVICE_SID_LIST; - -#define FORT_SERVICE_SID_LIST_DATA_OFF offsetof(FORT_SERVICE_SID_LIST, data) -#define FORT_SERVICE_SID_SIZE (5 * sizeof(UINT32)) - -#define FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n) \ - ((services_n) * FORT_SERVICE_SID_SIZE) - -#define FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n) \ - (FORT_SERVICE_SID_LIST_SID_NAME_INDEXES_OFF(services_n) + (services_n) * sizeof(UINT16)) - -#define FORT_SERVICE_SID_LIST_NAMES_HEADER_SIZE(names_n) ((names_n) * sizeof(UINT32)) - -#define FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n) \ - (FORT_SERVICE_SID_LIST_NAMES_HEADER_OFF(services_n) \ - + FORT_SERVICE_SID_LIST_NAMES_HEADER_SIZE(names_n)) - -#define FORT_SERVICE_SID_LIST_MAX_SIZE(services_n, names_n) \ - (FORT_SERVICE_SID_LIST_DATA_OFF + FORT_SERVICE_SID_LIST_NAMES_OFF(services_n, names_n) \ - + (names_n) * FORT_SERVICE_INFO_NAME_MAX_SIZE) - typedef struct fort_conf_port_list { UINT8 port_n; @@ -388,9 +359,6 @@ FORT_API FORT_APP_DATA fort_conf_app_find(const PFORT_CONF conf, PCFORT_APP_PATH FORT_API BOOL fort_conf_app_group_blocked(const FORT_CONF_FLAGS conf_flags, FORT_APP_DATA app_data); -FORT_API PCWSTR fort_conf_service_sid_name_find( - PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes); - #ifdef __cplusplus } // extern "C" #endif diff --git a/src/driver/common/fortioctl.h b/src/driver/common/fortioctl.h index 60d98554..30631e4b 100644 --- a/src/driver/common/fortioctl.h +++ b/src/driver/common/fortioctl.h @@ -182,18 +182,16 @@ DEFINE_GUID(FORT_GUID_EMPTY, 0x00000000, 0x0000, 0x0000, 0x00, 0x00, 0x00, 0x00, #define FORT_IOCTL_INDEX_VALIDATE 0 #define FORT_IOCTL_INDEX_SETSERVICES 1 -#define FORT_IOCTL_INDEX_SETSERVICE_SIDS 2 -#define FORT_IOCTL_INDEX_SETCONF 3 -#define FORT_IOCTL_INDEX_SETFLAGS 4 -#define FORT_IOCTL_INDEX_GETLOG 5 -#define FORT_IOCTL_INDEX_ADDAPP 6 -#define FORT_IOCTL_INDEX_DELAPP 7 -#define FORT_IOCTL_INDEX_SETZONES 8 -#define FORT_IOCTL_INDEX_SETZONEFLAG 9 +#define FORT_IOCTL_INDEX_SETCONF 2 +#define FORT_IOCTL_INDEX_SETFLAGS 3 +#define FORT_IOCTL_INDEX_GETLOG 4 +#define FORT_IOCTL_INDEX_ADDAPP 5 +#define FORT_IOCTL_INDEX_DELAPP 6 +#define FORT_IOCTL_INDEX_SETZONES 7 +#define FORT_IOCTL_INDEX_SETZONEFLAG 8 #define FORT_IOCTL_VALIDATE FORT_CTL_CODE(FORT_IOCTL_INDEX_VALIDATE, FILE_WRITE_DATA) #define FORT_IOCTL_SETSERVICES FORT_CTL_CODE(FORT_IOCTL_INDEX_SETSERVICES, FILE_WRITE_DATA) -#define FORT_IOCTL_SETSERVICE_SIDS FORT_CTL_CODE(FORT_IOCTL_INDEX_SETSERVICE_SIDS, FILE_WRITE_DATA) #define FORT_IOCTL_SETCONF FORT_CTL_CODE(FORT_IOCTL_INDEX_SETCONF, FILE_WRITE_DATA) #define FORT_IOCTL_SETFLAGS FORT_CTL_CODE(FORT_IOCTL_INDEX_SETFLAGS, FILE_WRITE_DATA) #define FORT_IOCTL_GETLOG FORT_CTL_CODE(FORT_IOCTL_INDEX_GETLOG, FILE_READ_DATA) diff --git a/src/driver/fortcnf.c b/src/driver/fortcnf.c index d6ecc73b..bd31c365 100644 --- a/src/driver/fortcnf.c +++ b/src/driver/fortcnf.c @@ -419,53 +419,6 @@ FORT_API FORT_CONF_FLAGS fort_conf_ref_flags_set( return old_conf_flags; } -FORT_API PFORT_SERVICE_SID_LIST fort_conf_service_sids_new( - PCFORT_SERVICE_SID_LIST service_sids, ULONG len) -{ - return fort_conf_mem_alloc(service_sids, len); -} - -FORT_API void fort_conf_service_sids_set( - PFORT_DEVICE_CONF device_conf, PFORT_SERVICE_SID_LIST service_sids) -{ - KIRQL oldIrql = ExAcquireSpinLockExclusive(&device_conf->lock); - { - fort_conf_mem_free(device_conf->service_sids); - device_conf->service_sids = service_sids; - } - ExReleaseSpinLockExclusive(&device_conf->lock, oldIrql); -} - -FORT_API BOOL fort_conf_get_service_sid_path( - PFORT_DEVICE_CONF device_conf, const char *sidBytes, PFORT_APP_PATH path) -{ - char *buffer = (char *) path->buffer; - - path->len = 0; - - KIRQL oldIrql = ExAcquireSpinLockExclusive(&device_conf->lock); - { - PCWSTR service_name = fort_conf_service_sid_name_find(device_conf->service_sids, sidBytes); - if (service_name != NULL) { - char *name_buf = buffer + FORT_SVCHOST_PREFIX_SIZE; - const DWORD name_size = (DWORD) (wcslen(service_name) * sizeof(WCHAR)); - - RtlCopyMemory( - name_buf, service_name, name_size + sizeof(WCHAR)); /* + null terminator */ - - path->len = (UINT16) (FORT_SVCHOST_PREFIX_SIZE + name_size); - } - } - ExReleaseSpinLockExclusive(&device_conf->lock, oldIrql); - - if (path->len == 0) - return FALSE; - - RtlCopyMemory(buffer, FORT_SVCHOST_PREFIX, FORT_SVCHOST_PREFIX_SIZE); - - return TRUE; -} - FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len) { return fort_conf_mem_alloc(zones, len); diff --git a/src/driver/fortcnf.h b/src/driver/fortcnf.h index 5c360af1..a718fc68 100644 --- a/src/driver/fortcnf.h +++ b/src/driver/fortcnf.h @@ -42,7 +42,6 @@ typedef struct fort_device_conf PFORT_CONF_REF volatile ref; KSPIN_LOCK ref_lock; - PFORT_SERVICE_SID_LIST service_sids; PFORT_CONF_ZONES zones; EX_SPIN_LOCK lock; @@ -80,15 +79,6 @@ FORT_API FORT_CONF_FLAGS fort_conf_ref_set(PFORT_DEVICE_CONF device_conf, PFORT_ FORT_API FORT_CONF_FLAGS fort_conf_ref_flags_set( PFORT_DEVICE_CONF device_conf, const FORT_CONF_FLAGS conf_flags); -FORT_API PFORT_SERVICE_SID_LIST fort_conf_service_sids_new( - PCFORT_SERVICE_SID_LIST service_sids, ULONG len); - -FORT_API void fort_conf_service_sids_set( - PFORT_DEVICE_CONF device_conf, PFORT_SERVICE_SID_LIST service_sids); - -FORT_API BOOL fort_conf_get_service_sid_path( - PFORT_DEVICE_CONF device_conf, const char *sidBytes, PFORT_APP_PATH path); - FORT_API PFORT_CONF_ZONES fort_conf_zones_new(PFORT_CONF_ZONES zones, ULONG len); FORT_API void fort_conf_zones_set(PFORT_DEVICE_CONF device_conf, PFORT_CONF_ZONES zones); diff --git a/src/driver/fortcout.c b/src/driver/fortcout.c index ec86b75c..d4a9caec 100644 --- a/src/driver/fortcout.c +++ b/src/driver/fortcout.c @@ -365,72 +365,14 @@ inline static void fort_callout_ale_classify_action(PCFORT_CALLOUT_ARG ca, } } -inline static PSID_AND_ATTRIBUTES_HASH fort_callout_ale_get_sid(PCFORT_CALLOUT_ARG ca) -{ - const FWP_VALUE0 userIdField = ca->inFixedValues->incomingValue[ca->fi->userId].value; - if (userIdField.type != FWP_TOKEN_ACCESS_INFORMATION_TYPE) - return NULL; - - const PTOKEN_ACCESS_INFORMATION tokenInfo = - (PTOKEN_ACCESS_INFORMATION) userIdField.tokenAccessInformation->data; - if (tokenInfo == NULL) - return NULL; - - return tokenInfo->SidHash; -} - -inline static const char *fort_callout_ale_get_service_sid(const SID *sid) -{ - if (sid == NULL) - return NULL; - - if (sid->Revision != 1) - return NULL; - - if (sid->SubAuthorityCount != 6) - return NULL; // not "Service SID"'s sub-auth count - - const DWORD *subAuth = &sid->SubAuthority[0]; - if (*subAuth != 80) - return NULL; // not "Service SID"'s prefix - - const BYTE *idAuth = &sid->IdentifierAuthority.Value[0]; - if (idAuth[5] != 5) - return NULL; // not "NT Authority" - - if (idAuth[4] != 0 || *((PUINT32) &idAuth[0]) != 0) - return NULL; // not "NT Authority" - - return (const char *) &subAuth[1]; -} - -inline static BOOL fort_callout_ale_fill_path_sid( +inline static BOOL fort_callout_ale_fill_path_tag( PCFORT_CALLOUT_ARG ca, PFORT_CALLOUT_ALE_EXTRA cx, BOOL isSvcHost) { if (!isSvcHost) return FALSE; - const PSID_AND_ATTRIBUTES_HASH sidHash = fort_callout_ale_get_sid(ca); - if (sidHash == NULL) - return FALSE; - - const int sidCount = sidHash->SidCount; - - for (int i = 0; i < sidCount; ++i) { - const SID *sid = sidHash->SidAttr[i].Sid; - - // Get Service Name by SID - const char *sidBytes = fort_callout_ale_get_service_sid(sid); - if (sidBytes == NULL) - continue; - - cx->path.buffer = cx->svchost_name; - - if (fort_conf_get_service_sid_path(&fort_device()->conf, sidBytes, &cx->path)) - return TRUE; - - break; - } + // TODO + // PCWSTR tag = (PCWSTR) ca->inMetaValues->subProcessTag; return FALSE; } @@ -449,7 +391,7 @@ inline static void fort_callout_ale_fill_path(PCFORT_CALLOUT_ARG ca, PFORT_CALLO if (fort_pstree_get_proc_name( &fort_device()->ps_tree, cx->process_id, path, &isSvcHost, &inherited) - || fort_callout_ale_fill_path_sid(ca, cx, isSvcHost)) { + || fort_callout_ale_fill_path_tag(ca, cx, isSvcHost)) { if (!inherited) { *real_path = *path; diff --git a/src/driver/fortdev.c b/src/driver/fortdev.c index 03cc2a80..47f3f563 100644 --- a/src/driver/fortdev.c +++ b/src/driver/fortdev.c @@ -107,7 +107,6 @@ FORT_API NTSTATUS fort_device_cleanup(PDEVICE_OBJECT device, PIRP irp) const FORT_CONF_FLAGS old_conf_flags = fort_conf_ref_set(&fort_device()->conf, NULL); const FORT_CONF_FLAGS conf_flags = fort_device()->conf.conf_flags; - fort_conf_service_sids_set(&fort_device()->conf, NULL); fort_conf_zones_set(&fort_device()->conf, NULL); fort_stat_conf_flags_update(&fort_device()->stat, conf_flags); @@ -156,30 +155,6 @@ static NTSTATUS fort_device_control_setservices(PFORT_DEVICE_CONTROL_ARG dca) return STATUS_UNSUCCESSFUL; } -static NTSTATUS fort_device_control_setservice_sids(PFORT_DEVICE_CONTROL_ARG dca) -{ - const PCFORT_SERVICE_SID_LIST service_sids = dca->buffer; - const ULONG len = dca->in_len; - - if (len > sizeof(FORT_SERVICE_SID_LIST)) { - PFORT_SERVICE_SID_LIST sids = fort_conf_service_sids_new(service_sids, len); - - if (sids == NULL) { - return STATUS_INSUFFICIENT_RESOURCES; - } else { - fort_conf_service_sids_set(&fort_device()->conf, sids); - - fort_device_reauth_queue(); - - return STATUS_SUCCESS; - } - - return STATUS_SUCCESS; - } - - return STATUS_UNSUCCESSFUL; -} - inline static NTSTATUS fort_device_control_setconf_ref( const PFORT_CONF_IO conf_io, PFORT_CONF_REF conf_ref) { @@ -354,7 +329,6 @@ typedef FORT_DEVICE_CONTROL_PROCESS_FUNC *PFORT_DEVICE_CONTROL_PROCESS_FUNC; static PFORT_DEVICE_CONTROL_PROCESS_FUNC fortDeviceControlProcess_funcList[] = { &fort_device_control_validate, &fort_device_control_setservices, - &fort_device_control_setservice_sids, &fort_device_control_setconf, &fort_device_control_setflags, &fort_device_control_getlog, diff --git a/src/tests/UtilTest/tst_confutil.h b/src/tests/UtilTest/tst_confutil.h index 403aae16..deba6c52 100644 --- a/src/tests/UtilTest/tst_confutil.h +++ b/src/tests/UtilTest/tst_confutil.h @@ -139,81 +139,3 @@ TEST_F(ConfUtilTest, checkEnvManager) ASSERT_NE(envManager.expandString("%HOME%"), QString()); } - -TEST_F(ConfUtilTest, serviceSidsWriteRead) -{ - const auto SVC = [](const char *name) -> ServiceInfo { - ServiceInfo si; - si.serviceName = si.realServiceName = name; - return si; - }; - - const QVector services = { SVC("AppIDSvc"), SVC("Appinfo"), SVC("AppMgmt"), - SVC("AppReadiness"), SVC("AppXSvc"), SVC("AudioEndpointBuilder"), SVC("AxInstSV"), - SVC("BFE"), SVC("BITS"), SVC("BrokerInfrastructure"), SVC("BTAGService"), - SVC("BthAvctpSvc"), SVC("bthserv"), SVC("camsvc"), SVC("CDPSvc"), SVC("CertPropSvc"), - SVC("ClipSVC"), SVC("CoreMessagingRegistrar"), SVC("DcomLaunch"), - SVC("DeviceAssociationService"), SVC("DeviceInstall"), SVC("DevQueryBroker"), SVC("Dhcp"), - SVC("DialogBlockingService"), SVC("DispBrokerDesktopSvc"), SVC("DisplayEnhancementService"), - SVC("dot3svc"), SVC("DPS"), SVC("DsmSvc"), SVC("DsSvc"), SVC("EapHost"), - SVC("embeddedmode"), SVC("EntAppSvc"), SVC("EventLog"), SVC("EventSystem"), SVC("fdPHost"), - SVC("FDResPub"), SVC("fhsvc"), SVC("FontCache"), SVC("FrameServer"), SVC("hidserv"), - SVC("icssvc"), SVC("IKEEXT"), SVC("iphlpsvc"), SVC("IpxlatCfgSvc"), SVC("KtmRm"), - SVC("LanmanServer"), SVC("LanmanWorkstation"), SVC("lfsvc"), SVC("LicenseManager"), - SVC("lltdsvc"), SVC("lmhosts"), SVC("LSM"), SVC("LxpSvc"), SVC("mpssvc"), SVC("MSiSCSI"), - SVC("MsKeyboardFilter"), SVC("NaturalAuthentication"), SVC("NcaSvc"), SVC("NcbService"), - SVC("NcdAutoSetup"), SVC("Netman"), SVC("netprofm"), SVC("NetSetupSvc"), SVC("NgcCtnrSvc"), - SVC("NgcSvc"), SVC("NlaSvc"), SVC("nsi"), SVC("PcaSvc"), SVC("PhoneSvc"), SVC("pla"), - SVC("PlugPlay"), SVC("PolicyAgent"), SVC("Power"), SVC("PrintDeviceConfigurationService"), - SVC("PrintScanBrokerService"), SVC("ProfSvc"), SVC("PushToInstall"), SVC("QWAVE"), - SVC("RasAuto"), SVC("RasMan"), SVC("RemoteAccess"), SVC("RemoteRegistry"), SVC("RmSvc"), - SVC("RpcEptMapper"), SVC("RpcSs"), SVC("SCardSvr"), SVC("ScDeviceEnum"), SVC("Schedule"), - SVC("SCPolicySvc"), SVC("seclogon"), SVC("SENS"), SVC("SensorService"), SVC("SensrSvc"), - SVC("SessionEnv"), SVC("SharedAccess"), SVC("ShellHWDetection"), SVC("shpamsvc"), - SVC("SmsRouter"), SVC("SSDPSRV"), SVC("SstpSvc"), SVC("StateRepository"), SVC("StorSvc"), - SVC("svsvc"), SVC("SysMain"), SVC("SystemEventsBroker"), SVC("TapiSrv"), SVC("TermService"), - SVC("TextInputManagementService"), SVC("Themes"), SVC("TimeBrokerSvc"), SVC("TokenBroker"), - SVC("TrkWks"), SVC("TroubleshootingSvc"), SVC("tzautoupdate"), SVC("UmRdpService"), - SVC("upnphost"), SVC("UserManager"), SVC("UsoSvc"), SVC("vmicguestinterface"), - SVC("vmicheartbeat"), SVC("vmickvpexchange"), SVC("vmicrdv"), SVC("vmicshutdown"), - SVC("vmictimesync"), SVC("vmicvmsession"), SVC("W32Time"), SVC("WaaSMedicSvc"), - SVC("WbioSrvc"), SVC("wcncsvc"), SVC("WdiServiceHost"), SVC("WdiSystemHost"), - SVC("WebClient"), SVC("webthreatdefsvc"), SVC("Wecsvc"), SVC("WEPHOSTSVC"), - SVC("wercplsupport"), SVC("WFDSConMgrSvc"), SVC("WiaRpc"), SVC("WinHttpAutoProxySvc"), - SVC("Winmgmt"), SVC("WinRM"), SVC("wisvc"), SVC("wlidsvc"), SVC("wlpasvc"), SVC("WManSvc"), - SVC("WPDBusEnum"), SVC("WpnService"), SVC("wuauserv"), SVC("WwanSvc"), - SVC("XblAuthManager"), SVC("XblGameSave"), SVC("XboxGipSvc"), SVC("XboxNetApiSvc"), - SVC("AarSvc"), SVC("BcastDVRUserService"), SVC("CaptureService"), SVC("cbdhsvc"), - SVC("CDPUserSvc"), SVC("ConsentUxUserSvc"), SVC("DeviceAssociationBrokerSvc"), - SVC("DevicePickerUserSvc"), SVC("DevicesFlowUserSvc"), SVC("MessagingService"), - SVC("NPSMSvc"), SVC("PimIndexMaintenanceSvc"), SVC("PrintWorkflowUserSvc"), - SVC("UdkUserSvc"), SVC("UnistoreSvc"), SVC("UserDataSvc"), SVC("webthreatdefusersvc"), - SVC("WpnUserService") }; - - ConfBuffer confBuf; - - confBuf.writeServiceSids(services); - - // Check the buffer - const auto buffer = confBuf.buffer(); - - ASSERT_NE(buffer.size(), 0); - - PCFORT_SERVICE_SID_LIST service_sids = PCFORT_SERVICE_SID_LIST(buffer.data()); - - // Find Service Name by SID - for (const auto &si : services) { - const auto sid = StringUtil::serviceSid(si.realServiceName); - const auto name = DriverCommon::confServiceSidNameFind(service_sids, sid); - - ASSERT_EQ(name, si.serviceName.toLower()); - } - - // Find Invalid Service Name by SID - { - const auto sid = StringUtil::serviceSid("Bad"); - - ASSERT_EQ(sid.size(), FORT_SERVICE_SID_SIZE); - ASSERT_EQ(DriverCommon::confServiceSidNameFind(service_sids, sid), QString()); - } -} diff --git a/src/ui/conf/confmanager.cpp b/src/ui/conf/confmanager.cpp index c7d3839f..f1b1b738 100644 --- a/src/ui/conf/confmanager.cpp +++ b/src/ui/conf/confmanager.cpp @@ -925,7 +925,6 @@ void ConfManager::updateServices() auto serviceInfoManager = IoC(); updateOwnProcessServices(serviceInfoManager); - updateShareProcessServices(serviceInfoManager); } void ConfManager::updateDriverServices( @@ -938,15 +937,6 @@ void ConfManager::updateDriverServices( IoC()->writeServices(confBuf.buffer()); } -void ConfManager::updateDriverServiceSids(const QVector &services) -{ - ConfBuffer confBuf; - - confBuf.writeServiceSids(services); - - IoC()->writeServiceSids(confBuf.buffer()); -} - void ConfManager::updateOwnProcessServices(ServiceInfoManager *serviceInfoManager) { int runningServicesCount = 0; @@ -961,17 +951,6 @@ void ConfManager::updateOwnProcessServices(ServiceInfoManager *serviceInfoManage } } -void ConfManager::updateShareProcessServices(ServiceInfoManager *serviceInfoManager) -{ - const QVector services = serviceInfoManager->loadServiceInfoList( - ServiceInfo::TypeWin32ShareProcess, ServiceInfo::StateAll, - /*displayName=*/false); - - if (!services.isEmpty()) { - updateDriverServiceSids(services); - } -} - bool ConfManager::loadFromDb(FirewallConf &conf, bool &isNew) { // Load Address Groups diff --git a/src/ui/conf/confmanager.h b/src/ui/conf/confmanager.h index ece811d9..d18b1e32 100644 --- a/src/ui/conf/confmanager.h +++ b/src/ui/conf/confmanager.h @@ -97,10 +97,7 @@ private: bool validateConf(const FirewallConf &newConf); - void updateDriverServiceSids(const QVector &services); - void updateOwnProcessServices(ServiceInfoManager *serviceInfoManager); - void updateShareProcessServices(ServiceInfoManager *serviceInfoManager); bool loadFromDb(FirewallConf &conf, bool &isNew); bool saveToDb(const FirewallConf &conf); diff --git a/src/ui/driver/drivercommon.cpp b/src/ui/driver/drivercommon.cpp index 24d09fa0..4fb5c18a 100644 --- a/src/ui/driver/drivercommon.cpp +++ b/src/ui/driver/drivercommon.cpp @@ -22,11 +22,6 @@ quint32 ioctlSetServices() return FORT_IOCTL_SETSERVICES; } -quint32 ioctlSetServiceSids() -{ - return FORT_IOCTL_SETSERVICE_SIDS; -} - quint32 ioctlSetConf() { return FORT_IOCTL_SETCONF; @@ -231,13 +226,6 @@ FORT_APP_DATA confAppFind(const void *drvConf, const QString &kernelPath) return app_data; } -QString confServiceSidNameFind(PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes) -{ - PCWSTR name = fort_conf_service_sid_name_find(service_sids, sidBytes); - - return name ? QString::fromWCharArray(name) : QString(); -} - bool provRegister(bool bootFilter) { const FORT_PROV_BOOT_CONF boot_conf = { diff --git a/src/ui/driver/drivercommon.h b/src/ui/driver/drivercommon.h index 7e5bc721..725d02e9 100644 --- a/src/ui/driver/drivercommon.h +++ b/src/ui/driver/drivercommon.h @@ -11,7 +11,6 @@ QString deviceName(); quint32 ioctlValidate(); quint32 ioctlSetServices(); -quint32 ioctlSetServiceSids(); quint32 ioctlSetConf(); quint32 ioctlSetFlags(); quint32 ioctlGetLog(); @@ -71,8 +70,6 @@ bool confIp6InRange( FORT_APP_DATA confAppFind(const void *drvConf, const QString &kernelPath); -QString confServiceSidNameFind(PCFORT_SERVICE_SID_LIST service_sids, const char *sidBytes); - bool provRegister(bool bootFilter); void provUnregister(); diff --git a/src/ui/driver/drivermanager.cpp b/src/ui/driver/drivermanager.cpp index 94f75c8f..b406f438 100644 --- a/src/ui/driver/drivermanager.cpp +++ b/src/ui/driver/drivermanager.cpp @@ -108,11 +108,6 @@ bool DriverManager::writeServices(QByteArray &buf) return writeData(DriverCommon::ioctlSetServices(), buf); } -bool DriverManager::writeServiceSids(QByteArray &buf) -{ - return writeData(DriverCommon::ioctlSetServiceSids(), buf); -} - bool DriverManager::writeConf(QByteArray &buf, bool onlyFlags) { return writeData(onlyFlags ? DriverCommon::ioctlSetFlags() : DriverCommon::ioctlSetConf(), buf); diff --git a/src/ui/driver/drivermanager.h b/src/ui/driver/drivermanager.h index 3ba53284..3fe0be82 100644 --- a/src/ui/driver/drivermanager.h +++ b/src/ui/driver/drivermanager.h @@ -44,7 +44,6 @@ public slots: bool validate(QByteArray &buf); bool writeServices(QByteArray &buf); - bool writeServiceSids(QByteArray &buf); bool writeConf(QByteArray &buf, bool onlyFlags = false); bool writeApp(QByteArray &buf, bool remove = false); bool writeZones(QByteArray &buf, bool onlyFlags = false); diff --git a/src/ui/util/conf/confbuffer.cpp b/src/ui/util/conf/confbuffer.cpp index 3bcf2798..87728b22 100644 --- a/src/ui/util/conf/confbuffer.cpp +++ b/src/ui/util/conf/confbuffer.cpp @@ -54,25 +54,6 @@ int writeServiceInfo(char *data, const ServiceInfo &serviceInfo) return FORT_SERVICE_INFO_NAME_OFF + FORT_CONF_STR_DATA_SIZE(nameLen); } -void collectServiceSidsNames(const QVector &services, WriteServiceSidsArgs &wssa) -{ - QHash nameIndexMap; - - for (const ServiceInfo &info : services) { - const auto sid = StringUtil::serviceSid(info.realServiceName); - - const auto name = info.serviceName; - int nameIndex = nameIndexMap.value(name, -1); - - if (nameIndex == -1) { - nameIndex = wssa.namesList.size(); - wssa.namesList.append(name); - } - - wssa.sidNameIndexMap.insert(sid, nameIndex); - } -} - void writeAppGroupFlags(PFORT_CONF_GROUP out, const FirewallConf &conf) { out->group_bits = 0; @@ -195,28 +176,6 @@ void ConfBuffer::writeServices(const QVector &services, int running buffer().resize(outSize); // shrink to actual size } -void ConfBuffer::writeServiceSids(const QVector &services) -{ - WriteServiceSidsArgs wssa; - - collectServiceSidsNames(services, wssa); - - // Resize the buffer to max size - { - const int servicesCount = wssa.sidNameIndexMap.size(); - const int namesCount = wssa.namesList.size(); - - buffer().resize(FORT_SERVICE_SID_LIST_MAX_SIZE(servicesCount, namesCount)); - } - - // Fill the buffer - char *data = buffer().data(); - - const int outSize = ConfUtil::writeServiceSids(&data, wssa); - - buffer().resize(outSize); // shrink to actual size -} - bool ConfBuffer::write( const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager) { diff --git a/src/ui/util/conf/confbuffer.h b/src/ui/util/conf/confbuffer.h index 762118a9..7d8230ad 100644 --- a/src/ui/util/conf/confbuffer.h +++ b/src/ui/util/conf/confbuffer.h @@ -35,7 +35,6 @@ public slots: void writeVersion(); void writeServices(const QVector &services, int runningServicesCount); - void writeServiceSids(const QVector &services); bool write( const FirewallConf &conf, const ConfAppsWalker *confAppsWalker, EnvManager &envManager); diff --git a/src/ui/util/conf/confutil.cpp b/src/ui/util/conf/confutil.cpp index caf6e0d4..19ae8328 100644 --- a/src/ui/util/conf/confutil.cpp +++ b/src/ui/util/conf/confutil.cpp @@ -119,51 +119,6 @@ QRegularExpressionMatch ConfUtil::matchWildcard(const QStringView &path) return StringUtil::match(wildMatcher, path); } -int ConfUtil::writeServiceSids(char **data, const WriteServiceSidsArgs &wssa) -{ - PFORT_SERVICE_SID_LIST serviceSids = PFORT_SERVICE_SID_LIST(*data); - - const int servicesCount = wssa.sidNameIndexMap.size(); - const int namesCount = wssa.namesList.size(); - - serviceSids->services_n = servicesCount; - serviceSids->names_n = namesCount; - - // Write Service SID-s and Name Indexes - char *sid = serviceSids->data; - quint16 *nameIndex = (quint16 *) (sid + servicesCount * FORT_SERVICE_SID_SIZE); - -#if QT_VERSION >= QT_VERSION_CHECK(6, 6, 0) - for (const auto &[sidData, index] : wssa.sidNameIndexMap.asKeyValueRange()) { -#else - auto it = wssa.sidNameIndexMap.constBegin(); - for (; it != wssa.sidNameIndexMap.constEnd(); ++it) { - const auto &sidData = it.key(); - const auto index = it.value(); -#endif - - writeArray(&sid, sidData); - - *nameIndex++ = index; - } - - // Write Service Names: Offsets and Texts - quint32 *nameOffset = (quint32 *) nameIndex; - - char *nameData = (char *) (nameOffset + namesCount); - char *nameText = nameData; - - for (const auto &name : wssa.namesList) { - const quint32 off = nameText - nameData; - - *nameOffset++ = off; - - writeString(&nameText, name.toLower()); - } - - return (nameText - *data); -} - QString ConfUtil::parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix) { auto path = line; diff --git a/src/ui/util/conf/confutil.h b/src/ui/util/conf/confutil.h index a3a31412..2ff43b91 100644 --- a/src/ui/util/conf/confutil.h +++ b/src/ui/util/conf/confutil.h @@ -17,12 +17,6 @@ using longs_arr_t = QVector; using shorts_arr_t = QVector; using chars_arr_t = QVector; -struct WriteServiceSidsArgs -{ - QMap sidNameIndexMap; - QStringList namesList; -}; - struct ParseAddressGroupsArgs { addrranges_arr_t addressRanges; @@ -48,8 +42,6 @@ public: static QRegularExpressionMatch matchWildcard(const QStringView &path); - static int writeServiceSids(char **data, const WriteServiceSidsArgs &wssa); - static QString parseAppPath(const QStringView &line, bool &isWild, bool &isPrefix); static void writeConf(char **data, const WriteConfArgs &wca, AppParseOptions &opt); diff --git a/src/version/fort_version.h b/src/version/fort_version.h index 03ea85c3..e2c6b070 100644 --- a/src/version/fort_version.h +++ b/src/version/fort_version.h @@ -16,6 +16,6 @@ #define APP_UPDATES_URL "https://github.com/tnodir/fort/releases" #define APP_UPDATES_API_URL "https://api.github.com/repos/tnodir/fort/releases/latest" -#define DRIVER_VERSION 40 +#define DRIVER_VERSION 41 #endif // FORT_VERSION_H