From 04fcd0d09a115250496a9ad75c60735e882c0aa1 Mon Sep 17 00:00:00 2001 From: arcfox Date: Thu, 9 May 2024 09:48:08 +0800 Subject: [PATCH] dns: amlog hook & subdomain wildcard parse --- hooklib/dns.c | 43 +++++++++++++++++++++++++++++++++++++------ platform/dns.c | 8 +++++++- 2 files changed, 44 insertions(+), 7 deletions(-) diff --git a/hooklib/dns.c b/hooklib/dns.c index e8b0e69..d7f0c4a 100644 --- a/hooklib/dns.c +++ b/hooklib/dns.c @@ -194,6 +194,37 @@ static void dns_hook_init(void) _countof(dns_hook_syms_winhttp)); } +// This function match domain and subdomains like *.naominet.jp. +bool match_domain(const wchar_t* target, const wchar_t* pattern) { + if (_wcsicmp(pattern, target) == 0) { + return true; + } + + int pattern_ptr_index = 0; + int target_ptr_index = 0; + + while (pattern[pattern_ptr_index] != '\0' && target[target_ptr_index] != '\0') { + if (pattern[pattern_ptr_index] == '*') { + pattern_ptr_index++; // Check next character for wildcard match. + + while (pattern[pattern_ptr_index] != target[target_ptr_index]) { + target_ptr_index++; + + if (target[target_ptr_index] == '\0') return false; + } + } + else if (pattern[pattern_ptr_index] != target[target_ptr_index]) { + return false; + } + else { + pattern_ptr_index++; + target_ptr_index++; + } + } + + return pattern[pattern_ptr_index] == '\0' && target[target_ptr_index] == '\0'; +} + HRESULT dns_hook_push(const wchar_t *from_src, const wchar_t *to_src) { HRESULT hr; @@ -297,7 +328,7 @@ static DNS_STATUS WINAPI hook_DnsQuery_A( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(wstr, pos->from) == 0) { + if (match_domain(wstr, pos->from)) { if(pos->to == NULL) { LeaveCriticalSection(&dns_hook_lock); hr = HRESULT_FROM_WIN32(DNS_ERROR_RCODE_NAME_ERROR); @@ -361,7 +392,7 @@ static DNS_STATUS WINAPI hook_DnsQuery_W( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(pszName, pos->from) == 0) { + if (match_domain(pszName, pos->from)) { if(pos->to == NULL) { LeaveCriticalSection(&dns_hook_lock); return HRESULT_FROM_WIN32(DNS_ERROR_RCODE_NAME_ERROR); @@ -405,7 +436,7 @@ static DNS_STATUS WINAPI hook_DnsQueryEx( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(pRequest->QueryName, pos->from) == 0) { + if (match_domain(pRequest->QueryName, pos->from)) { if(pos->to == NULL) { LeaveCriticalSection(&dns_hook_lock); return HRESULT_FROM_WIN32(DNS_ERROR_RCODE_NAME_ERROR); @@ -472,7 +503,7 @@ static int WSAAPI hook_getaddrinfo( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(wstr, pos->from) == 0) { + if (match_domain(wstr, pos->from)) { if(pos->to == NULL) { LeaveCriticalSection(&dns_hook_lock); result = EAI_NONAME; @@ -526,7 +557,7 @@ static HINTERNET WINAPI hook_WinHttpConnect( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(pwszServerName, pos->from) == 0) { + if (match_domain(pwszServerName, pos->from)) { if(pos->to == NULL) { LeaveCriticalSection(&dns_hook_lock); return NULL; @@ -558,7 +589,7 @@ static bool WINAPI hook_WinHttpCrackUrl( for (i = 0 ; i < dns_hook_nentries ; i++) { pos = &dns_hook_entries[i]; - if (_wcsicmp(pwszUrl, pos->from) == 0) { + if (match_domain(pwszUrl, pos->from)) { wchar_t* toAddr = pos->to; wchar_t titleBuffer[255]; diff --git a/platform/dns.c b/platform/dns.c index 692ee13..d32ce8d 100644 --- a/platform/dns.c +++ b/platform/dns.c @@ -126,7 +126,13 @@ HRESULT dns_platform_hook_init(const struct dns_config *cfg) // Disable api/polling to the original servers - hr = dns_hook_push(L"amlog.sys-all.net", NULL); + hr = dns_hook_push(L"*.amlog.sys-all.net", NULL); + + if (FAILED(hr)) { + return hr; + } + + hr = dns_hook_push(L"*.d-amlog.sys-all.net", NULL); if (FAILED(hr)) { return hr;