dump ip and port for sockets where relevant, tweak some stuff

Thorsten-Sick · Jun 25, 2014 · 43bf2b0 · 43bf2b0
1 parent d879adc
commit 43bf2b0
Showing 1 changed file with 64 additions and 27 deletions.
diff --git a/hook_socket.c b/hook_socket.c
@@ -27,6 +27,17 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 static const char *category = "socket";
 static IS_SUCCESS_INTM1();
 
+static void get_ip_port(const struct sockaddr *addr,
+    const char **ip, int *port)
+{
+    // TODO IPv6 support.
+    if(addr != NULL) {
+        const struct sockaddr_in *addr4 = (const struct sockaddr_in *) addr;
+        *ip = inet_ntoa(addr4->sin_addr);
+        *port = htons(addr4->sin_port);
+    }
+}
+
 HOOKDEF(int, WINAPI, WSAStartup,
     _In_   WORD wVersionRequested,
     _Out_  LPWSADATA lpWSAData
@@ -54,7 +65,7 @@ HOOKDEF(SOCKET, WSAAPI, socket,
     __in  int protocol
 ) {
     SOCKET ret = Old_socket(af, type, protocol);
-    LOQ("lll", "af", af, "type", type, "protocol", protocol);
+    LOQ("iiii", "af", af, "type", type, "protocol", protocol, "socket", ret);
     return ret;
 }
 
@@ -64,7 +75,9 @@ HOOKDEF(int, WSAAPI, connect,
     __in  int namelen
 ) {
     int ret = Old_connect(s, name, namelen);
-    LOQ("p", "socket", s);
+    const char *ip = NULL; int port = 0;
+    get_ip_port(name, &ip, &port);
+    LOQ("isi", "socket", s, "ip", ip, "port", port);
     return ret;
 }
 
@@ -88,7 +101,12 @@ HOOKDEF(int, WSAAPI, sendto,
     __in  int tolen
 ) {
     int ret = Old_sendto(s, buf, len, flags, to, tolen);
-    LOQ("pb", "socket", s, "buffer", ret < 1 ? 0 : ret, buf);
+    const char *ip = NULL; int port = 0;
+    if(ret > 0) {
+        get_ip_port(to, &ip, &port);
+    }
+    LOQ("pbsi", "socket", s, "buffer", ret < 1 ? 0 : ret, buf,
+        "ip", ip, "port", port);
     return ret;
 }
 
@@ -112,7 +130,12 @@ HOOKDEF(int, WSAAPI, recvfrom,
     __inout_opt  int *fromlen
 ) {
     int ret = Old_recvfrom(s, buf, len, flags, from, fromlen);
-    LOQ("pb", "socket", s, "buffer", ret < 1 ? 0 : ret, buf);
+    const char *ip = NULL; int port = 0;
+    if(ret > 0) {
+        get_ip_port(from, &ip, &port);
+    }
+    LOQ("pbsi", "socket", s, "buffer", ret < 1 ? 0 : ret, buf,
+        "ip", ip, "port", port);
     return ret;
 }
 
@@ -122,7 +145,17 @@ HOOKDEF(SOCKET, WSAAPI, accept,
     __inout  int *addrlen
 ) {
     SOCKET ret = Old_accept(s, addr, addrlen);
-    LOQ("pp", "socket", s, "ClientSocket", ret);
+    const char *ip_s = NULL, *ip_c = NULL; int port_s = 0, port_c = 0;
+    struct sockaddr addr_c; int addr_c_len = sizeof(addr_c);
+
+    get_ip_port(addr, &ip_s, &port_s);
+    if(getpeername(ret, &addr_c, &addr_c_len) == 0) {
+        get_ip_port(&addr_c, &ip_c, &port_c);
+    }
+
+    LOQ("iisisi", "socket", s, "ClientSocket", ret,
+        "ip_accept", ip_s, "port_accept", port_s,
+        "ip_client", ip_c, "port_client", port_c);
     return ret;
 }
 
@@ -132,14 +165,10 @@ HOOKDEF(int, WSAAPI, bind,
     __in  int namelen
 ) {
     int ret = Old_bind(s, name, namelen);
-    if(ret == 0) {
-        LOQ("psl", "socket", s,
-            "ip", inet_ntoa(((struct sockaddr_in *) name)->sin_addr),
-            "port", htons(((struct sockaddr_in *) name)->sin_port));
-    }
-    else {
-        LOQ2("p", "socket", s);
-    }
+    const char *ip = NULL; int port = 0;
+    get_ip_port(name, &ip, &port);
+
+    LOQ("isi", "socket", s, "ip", ip, "port", port);
     return ret;
 }
 
@@ -148,7 +177,7 @@ HOOKDEF(int, WSAAPI, listen,
     __in  int backlog
 ) {
     int ret = Old_listen(s, backlog);
-    LOQ("p", "socket", s);
+    LOQ("i", "socket", s);
     return ret;
 }
 
@@ -160,7 +189,7 @@ HOOKDEF(int, WSAAPI, select,
     __in     const struct timeval *timeout
 ) {
     int ret = Old_select(s, readfds, writefds, exceptfds, timeout);
-    LOQ("p", "socket", s);
+    LOQ("i", "socket", s);
     return ret;
 }
 
@@ -172,7 +201,7 @@ HOOKDEF(int, WSAAPI, setsockopt,
     __in  int optlen
 ) {
     int ret = Old_setsockopt(s, level, optname, optval, optlen);
-    LOQ("pllb", "socket", s, "level", level, "optname", optname,
+    LOQ("illb", "socket", s, "level", level, "optname", optname,
         "optval", optlen, optval);
     return ret;
 }
@@ -183,15 +212,15 @@ HOOKDEF(int, WSAAPI, ioctlsocket,
     __inout  u_long *argp
 ) {
     int ret = Old_ioctlsocket(s, cmd, argp);
-    LOQ("pl", "socket", s, "command", cmd);
+    LOQ("il", "socket", s, "command", cmd);
     return ret;
 }
 
 HOOKDEF(int, WSAAPI, closesocket,
     __in  SOCKET s
 ) {
     int ret = Old_closesocket(s);
-    LOQ("p", "socket", s);
+    LOQ("i", "socket", s);
     return ret;
 }
 
@@ -200,7 +229,7 @@ HOOKDEF(int, WSAAPI, shutdown,
     __in  int how
 ) {
     int ret = Old_shutdown(s, how);
-    LOQ("pl", "socket", s, "how", how);
+    LOQ("il", "socket", s, "how", how);
     return ret;
 }
 
@@ -216,7 +245,7 @@ HOOKDEF(int, WSAAPI, WSARecv,
     BOOL ret = Old_WSARecv(s, lpBuffers, dwBufferCount, lpNumberOfBytesRecvd,
         lpFlags, lpOverlapped, lpCompletionRoutine);
     // TODO dump buffers
-    LOQ("p", "socket", s);
+    LOQ("i", "socket", s);
     return ret;
 }
 
@@ -234,8 +263,10 @@ HOOKDEF(int, WSAAPI, WSARecvFrom,
     BOOL ret = Old_WSARecvFrom(s, lpBuffers, dwBufferCount,
         lpNumberOfBytesRecvd, lpFlags, lpFrom, lpFromlen, lpOverlapped,
         lpCompletionRoutine);
-    // TODO dump buffer
-    LOQ("p", "socket", s);
+    const char *ip = NULL; int port = 0;
+    get_ip_port(lpFrom, &ip, &port);
+    // TODO dump buffer, implement support for completion routine
+    LOQ("isi", "socket", s, "ip", ip, "port", port);
     return ret;
 }
 
@@ -251,7 +282,7 @@ HOOKDEF(int, WSAAPI, WSASend,
     BOOL ret = Old_WSASend(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent,
         dwFlags, lpOverlapped, lpCompletionRoutine);
     // TODO dump buffers
-    LOQ("p", "Socket", s);
+    LOQ("i", "Socket", s);
     return ret;
 }
 
@@ -266,10 +297,13 @@ HOOKDEF(int, WSAAPI, WSASendTo,
     __in   LPWSAOVERLAPPED lpOverlapped,
     __in   LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine
 ) {
+    const char *ip = NULL; int port = 0;
+    get_ip_port(lpTo, &ip, &port);
+
     BOOL ret = Old_WSASendTo(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent,
         dwFlags, lpTo, iToLen, lpOverlapped, lpCompletionRoutine);
     // TODO dump buffers
-    LOQ("p", "Socket", s);
+    LOQ("isi", "Socket", s, "ip", ip, "port", port);
     return ret;
 }
 
@@ -283,7 +317,7 @@ HOOKDEF(SOCKET, WSAAPI, WSASocketA,
 ) {
     SOCKET ret = Old_WSASocketA(af, type, protocol, lpProtocolInfo,
         g, dwFlags);
-    LOQ("lll", "af", af, "type", type, "protocol", protocol);
+    LOQ("iiii", "af", af, "type", type, "protocol", protocol, "socket", ret);
     return ret;
 }
 
@@ -297,7 +331,7 @@ HOOKDEF(SOCKET, WSAAPI, WSASocketW,
 ) {
     SOCKET ret = Old_WSASocketW(af, type, protocol, lpProtocolInfo,
         g, dwFlags);
-    LOQ("lll", "af", af, "type", type, "protocol", protocol);
+    LOQ("iiii", "af", af, "type", type, "protocol", protocol, "socket", ret);
     return ret;
 }
 
@@ -314,7 +348,10 @@ HOOKDEF(BOOL, PASCAL, ConnectEx,
 
     BOOL ret = Old_ConnectEx(s, name, namelen, lpSendBuffer, dwSendDataLength,
         lpdwBytesSent, lpOverlapped);
-    LOQ("pB", "socket", s, "SendBuffer", lpdwBytesSent, lpSendBuffer);
+    const char *ip = NULL; int port = 0;
+    get_ip_port(name, &ip, &port);
+    LOQ("pBsi", "socket", s, "SendBuffer", lpdwBytesSent, lpSendBuffer,
+        "ip", ip, "port", port);
     return ret;
 }