Close a tcp/udp connection(less)

Ask your beginner questions here.
Post Reply
Carlbyte
Posts: 74
Joined: Fri Mar 21, 2014 12:18 pm

Close a tcp/udp connection(less)

Post by Carlbyte » Wed Jul 12, 2017 2:02 am

Hello everyone,

I'm trying to create a function in a TDI driver, to close a tcp/udp connection(less).

Initially, I tried the simpler option to close a udp connectionless, using the obdereferenceobject function and
passing the file_object (tditransportaddress) parameter that was created in irp_create. The result was
status_unsuccessful. Is this procedure wrong?

Carlbyte
Posts: 74
Joined: Fri Mar 21, 2014 12:18 pm

Re: Close a tcp/udp connection(less)

Post by Carlbyte » Thu Jul 13, 2017 2:22 pm

I run a program that creates the socket, with a driver, I call the obdereferenceobject function in the fileobject tditransportaddress and nothing happens, when the program closes, blue screen occurs!

User avatar
Vrtule
Posts: 459
Joined: Sat Mar 13, 2010 9:14 pm
Location: Czech Republic
Contact:

Re: Close a tcp/udp connection(less)

Post by Vrtule » Thu Jul 13, 2017 3:14 pm

Hello,
when the program closes, blue screen occurs
manipulation with data structures belonging to other drivers often has such a consequence. I would be careful especially with file objects, since their semantics is quite complex. Also, part of the sockets implementation is in usermode inside a Winsock Provider DLL (WSP) that can be very unhappy if you start playing with the structures it uses through open handles.

What about blocking all traffic going through that socket/connection? The connection would die after some time by itself (and in kind of a documented manner).

Vrtule

Carlbyte
Posts: 74
Joined: Fri Mar 21, 2014 12:18 pm

Re: Close a tcp/udp connection(less)

Post by Carlbyte » Thu Jul 13, 2017 7:10 pm

I tried this procedure https://msdn.microsoft.com/en-us/librar ... s.85).aspx

There are some softwares that close tcp connections, can you tell me what kind of procedure they use? tips...

Carlbyte
Posts: 74
Joined: Fri Mar 21, 2014 12:18 pm

Re: Close a tcp/udp connection(less)

Post by Carlbyte » Fri Jul 14, 2017 1:42 pm

A approach would be to use DuplicateHandle() with the DUPLICATE_CLOSE_SOURCE flag

User avatar
Vrtule
Posts: 459
Joined: Sat Mar 13, 2010 9:14 pm
Location: Czech Republic
Contact:

Re: Close a tcp/udp connection(less)

Post by Vrtule » Fri Jul 14, 2017 3:16 pm

Carlbyte wrote:I tried this procedure https://msdn.microsoft.com/en-us/librar ... s.85).aspx

There are some softwares that close tcp connections, can you tell me what kind of procedure they use? tips...
AFAIR I use probably the same procedure in my driver that communicates via TDI (so it does not do things you need). But it would become definitely unhappy if you would just call ObDereferenceObject on one of its (file) objects, because by that call you remove a reference that is not yours (whis is not the problem, in theory) and my driver does not know that the reference is gone (which is the problem). But I don't know how Winsock works here.

Carlbyte
Posts: 74
Joined: Fri Mar 21, 2014 12:18 pm

Re: Close a tcp/udp connection(less)

Post by Carlbyte » Fri Jul 14, 2017 8:16 pm

I understood, anyway, I need to find a solution. I believe closing handlers.

Post Reply