Windows ping源码
Posted Tankng
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Windows ping源码相关的知识,希望对你有一定的参考价值。
需要测试外网的联通性,想到了用ping。网上下载了ping的源代码,调试下整理如下:
1 /******************************************************************************\ 2 * ping.c - Simple ping utility using SOCK_RAW 3 * 4 * This is a part of the Microsoft Source Code Samples. 5 * Copyright 1996-1997 Microsoft Corporation. 6 * All rights reserved. 7 * This source code is only intended as a supplement to 8 * Microsoft Development Tools and/or WinHelp documentation. 9 * See these sources for detailed information regarding the 10 * Microsoft samples programs. 11 \******************************************************************************/ 12 13 #pragma pack(4) 14 15 #define WIN32_LEAN_AND_MEAN 16 #include <winsock2.h> 17 #include <stdio.h> 18 #include <stdlib.h> 19 #pragma comment(lib,"ws2_32.lib") 20 21 #define ICMP_ECHO 8 22 #define ICMP_ECHOREPLY 0 23 24 #define ICMP_MIN 8 // minimum 8 byte icmp packet (just header) 25 26 /* The IP header */ 27 typedef struct iphdr 28 { 29 unsigned int h_len:4; // length of the header 30 unsigned int version:4; // Version of IP 31 unsigned char tos; // Type of service 32 unsigned short total_len; // total length of the packet 33 unsigned short ident; // unique identifier 34 unsigned short frag_and_flags; // flags 35 unsigned char ttl; 36 unsigned char proto; // protocol (TCP, UDP etc) 37 unsigned short checksum; // IP checksum 38 unsigned int sourceIP; 39 unsigned int destIP; 40 }IpHeader; 41 42 // 43 // ICMP header 44 // 45 typedef struct _ihdr { 46 BYTE i_type; //消息类型 47 BYTE i_code; //代码 /* type sub code */ 48 USHORT i_cksum; //校验和 49 USHORT i_id; //ID号 50 USHORT i_seq; //序列号 51 ULONG timestamp; //时间戳 /* This is not the std header, but we reserve space for time */ 52 }IcmpHeader; //ICMP报文 包括报头和数据 53 54 #define STATUS_FAILED 0xFFFF 55 #define DEF_PACKET_SIZE 32 56 #define MAX_PACKET 1024 57 58 #define xmalloc(s) HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,(s)) 59 #define xfree(p) HeapFree (GetProcessHeap(),0,(p)) 60 61 void fill_icmp_data(char *, int); 62 USHORT checksum(USHORT *, int); 63 void decode_resp(char *,int ,struct sockaddr_in *); 64 65 int main(int argc, char **argv) 66 { 67 WSADATA wsaData; 68 SOCKET sockRaw; 69 struct sockaddr_in dest; 70 struct hostent * hp; 71 int bread,datasize; 72 int timeout = 1000; 73 char *dest_ip; 74 char *icmp_data; 75 char *recvbuf; 76 unsigned int addr=0; 77 USHORT seq_no = 0; 78 struct sockaddr_in from; 79 int fromlen = sizeof(from); 80 81 if (WSAStartup(MAKEWORD(2,1),&wsaData) != 0) 82 { 83 fprintf(stderr,"WSAStartup failed: %d\n",GetLastError()); 84 ExitProcess(STATUS_FAILED); 85 } 86 87 /* 88 为了使用发送接收超时设置(即设置SO_RCVTIMEO, SO_SNDTIMEO), 89 // 必须将标志位设为WSA_FLAG_OVERLAPPED ! 90 */ 91 sockRaw = WSASocket (AF_INET, SOCK_RAW, IPPROTO_ICMP, NULL, 0,WSA_FLAG_OVERLAPPED); //建立一个原始套接字 92 //sockRaw = WSASocket (AF_INET, SOCK_RAW, IPPROTO_ICMP, NULL, 0,0); 93 94 if (sockRaw == INVALID_SOCKET) 95 { 96 fprintf(stderr,"WSASocket() failed: %d\n",WSAGetLastError()); 97 ExitProcess(STATUS_FAILED); 98 } 99 100 timeout = 1000; //设置接收超时时间 101 bread = setsockopt(sockRaw,SOL_SOCKET,SO_RCVTIMEO,(char*)&timeout, sizeof(timeout)); //RECVTIMEO是接收超时时间 102 if(bread == SOCKET_ERROR) 103 { 104 fprintf(stderr,"failed to set recv timeout: %d\n",WSAGetLastError()); 105 ExitProcess(STATUS_FAILED); 106 } 107 108 timeout = 1000; //设置发送超时时间 109 bread = setsockopt(sockRaw,SOL_SOCKET,SO_SNDTIMEO,(char*)&timeout, sizeof(timeout)); //SNDTIMEO是发送超时时间 110 if(bread == SOCKET_ERROR) 111 { 112 fprintf(stderr,"failed to set send timeout: %d\n",WSAGetLastError()); 113 ExitProcess(STATUS_FAILED); 114 } 115 memset(&dest,0,sizeof(dest)); //目标地址清零 116 117 hp = gethostbyname("www.baidu.com"); //通过域名或者主机名获取IP地址 118 if (!hp) //失败返回NULL 119 { 120 ExitProcess(STATUS_FAILED); 121 } 122 else 123 { 124 addr = inet_addr("14.215.177.37"); //www.baidu.com的ip地址 125 } 126 127 if ((!hp) && (addr == INADDR_NONE)) //既不是域名也不是点分十进制的IP地址 128 { 129 ExitProcess(STATUS_FAILED); 130 } 131 132 if (hp != NULL) //获取的是域名 133 memcpy(&(dest.sin_addr),hp->h_addr,hp->h_length); //从hostent得到的对方ip地址 134 else 135 dest.sin_addr.s_addr = addr; 136 137 if (hp) 138 dest.sin_family = hp->h_addrtype; //sin_family不是一定只能填AF_INET吗? 139 else 140 dest.sin_family = AF_INET; 141 142 dest_ip = inet_ntoa(dest.sin_addr); //目标IP地址 143 144 datasize = DEF_PACKET_SIZE; //ICMP包数据大小设定为32 145 146 datasize += sizeof(IcmpHeader); //另外加上ICMP包的包头 其实包头占12个字节 147 148 icmp_data = (char *)xmalloc(MAX_PACKET);//发送icmp_data数据包内存 149 recvbuf = (char *)xmalloc(MAX_PACKET); //存放接收到的数据 150 151 if (!icmp_data) //分配内存 152 { 153 ExitProcess(STATUS_FAILED); 154 } 155 156 memset(icmp_data,0,MAX_PACKET); 157 fill_icmp_data(icmp_data,datasize); //只填充了ICMP包 158 159 fprintf(stdout,"\nPinging %s ....\n\n",dest_ip); 160 161 while(1) 162 { 163 int bwrote; 164 165 ((IcmpHeader*)icmp_data)->i_cksum = 0; 166 ((IcmpHeader*)icmp_data)->timestamp = GetTickCount(); //时间戳 167 168 ((IcmpHeader*)icmp_data)->i_seq = seq_no++; //ICMP的序列号 169 ((IcmpHeader*)icmp_data)->i_cksum = checksum((USHORT*)icmp_data, datasize); //icmp校验位 170 171 //下面这个函数的问题是 发送数据只是ICMP数据包,而接收到的数据时包含ip头的 也就是发送和接收不对等 172 //问题是sockRaw 设定了协议为 IPPROTO_ICMP 173 bwrote = sendto(sockRaw,icmp_data,datasize,0,(struct sockaddr*)&dest, sizeof(dest)); 174 if (bwrote == SOCKET_ERROR) 175 { 176 if (WSAGetLastError() == WSAETIMEDOUT) //发送时间超时 177 { 178 printf("timed out\n"); 179 continue; 180 } 181 182 fprintf(stderr,"sendto failed: %d\n",WSAGetLastError()); 183 ExitProcess(STATUS_FAILED); 184 } 185 186 if (bwrote < datasize ) 187 { 188 fprintf(stdout,"Wrote %d bytes\n",bwrote); 189 } 190 191 bread = recvfrom(sockRaw,recvbuf,MAX_PACKET,0,(struct sockaddr*)&from, &fromlen); 192 if (bread == SOCKET_ERROR) 193 { 194 if (WSAGetLastError() == WSAETIMEDOUT) 195 { 196 printf("timed out\n"); 197 continue; 198 } 199 fprintf(stderr,"recvfrom failed: %d\n",WSAGetLastError()); 200 ExitProcess(STATUS_FAILED); 201 } 202 decode_resp(recvbuf,bread,&from); 203 204 Sleep(1000); 205 } 206 207 WSACleanup(); 208 system("pause"); 209 210 return 0; 211 } 212 213 /* 214 The response is an IP packet. We must decode the IP header to locate 215 the ICMP data 216 */ 217 void decode_resp(char *buf, int bytes,struct sockaddr_in *from) 218 { 219 IpHeader *iphdr; 220 IcmpHeader *icmphdr; 221 unsigned short iphdrlen; 222 223 iphdr = (IpHeader *)buf; //接收到的数据就是原始的IP数据报 224 225 iphdrlen = iphdr->h_len * 4 ; // number of 32-bit words *4 = bytes 226 227 if (bytes < iphdrlen + ICMP_MIN) 228 { 229 printf("Too few bytes from %s\n",inet_ntoa(from->sin_addr)); 230 } 231 232 icmphdr = (IcmpHeader*)(buf + iphdrlen); 233 234 if(icmphdr->i_type == 3) 235 { 236 printf("network unreachable -- Response from %s.\n",inet_ntoa(from->sin_addr)); 237 return ; 238 } 239 240 if (icmphdr->i_id != (USHORT)GetCurrentProcessId()) 241 { 242 fprintf(stderr,"someone else‘s packet!\n"); 243 return ; 244 } 245 printf("%d bytes from %s:",bytes, inet_ntoa(from->sin_addr)); 246 printf(" icmp_seq = %d ",icmphdr->i_seq); 247 printf(" time: %d ms ",GetTickCount()-icmphdr->timestamp); 248 printf(" ttl: %d",iphdr->ttl); 249 printf("\n"); 250 } 251 252 //完成ICMP的校验 253 USHORT checksum(USHORT *buffer, int size) 254 { 255 unsigned long cksum=0; 256 257 while(size >1) 258 { 259 cksum+=*buffer++; 260 size -=sizeof(USHORT); 261 } 262 263 if(size ) 264 { 265 cksum += *(UCHAR*)buffer; 266 } 267 268 cksum = (cksum >> 16) + (cksum & 0xffff); 269 cksum += (cksum >>16); 270 return (USHORT)(~cksum); 271 } 272 273 /* 274 Helper function to fill in various stuff in our ICMP request. 275 */ 276 void fill_icmp_data(char * icmp_data, int datasize){ 277 278 IcmpHeader *icmp_hdr; 279 char *datapart; 280 281 icmp_hdr = (IcmpHeader*)icmp_data; 282 283 icmp_hdr->i_type = ICMP_ECHO; //ICMP_ECHO要求收到包的主机回复此ICMP包 284 icmp_hdr->i_code = 0; 285 icmp_hdr->i_id = (USHORT)GetCurrentProcessId(); //id填当前进程的id 286 icmp_hdr->i_cksum = 0; 287 icmp_hdr->i_seq = 0; 288 289 datapart = icmp_data + sizeof(IcmpHeader); 290 // 291 // Place some junk in the buffer. 292 // 293 memset(datapart,‘E‘, datasize - sizeof(IcmpHeader)); //填充了一些废物 294 }
我下到代码的时候,第91行创建原始套接字的地方原本是被屏蔽的第92行,区别在与创建套接字时赋予的标志位不一样。
WSASocket函数的定义如下:
SOCKET WSASocket ( int af, int type, int protocol, LPWSAPROTOCOL_INFO lpProtocolInfo, GROUP g, DWORD dwFlags );
af:[in]一个地址族规范。目前仅支持AF_INET格式,亦即ARPA Internet地址格式。
type:新套接口的类型描述。
protocol:套接口使用的特定协议,如果调用者不愿指定协议则定为0。
lpProtocolInfo:一个指向PROTOCOL_INFO结构的指针,该结构定义所创建套接口的特性。如果本参数非零,则前三个参数(af, type, protocol)被忽略。
g:保留给未来使用的套接口组。套接口组的标识符。
iFlags:套接口属性描述。
具体详细介绍看微软官方介绍文档:https://msdn.microsoft.com/en-us/library/ms742212(VS.85).aspx
以上是关于Windows ping源码的主要内容,如果未能解决你的问题,请参考以下文章
初识Spring源码 -- doResolveDependency | findAutowireCandidates | @Order@Priority调用排序 | @Autowired注入(代码片段
初识Spring源码 -- doResolveDependency | findAutowireCandidates | @Order@Priority调用排序 | @Autowired注入(代码片段
Android 插件化VirtualApp 源码分析 ( 目前的 API 现状 | 安装应用源码分析 | 安装按钮执行的操作 | 返回到 HomeActivity 执行的操作 )(代码片段
Android 事件分发事件分发源码分析 ( Activity 中各层级的事件传递 | Activity -> PhoneWindow -> DecorView -> ViewGroup )(代码片段
Android 逆向整体加固脱壳 ( DEX 优化流程分析 | DexPrepare.cpp 中 dvmOptimizeDexFile() 方法分析 | /bin/dexopt 源码分析 )(代码片段