public static extern int ZwConnectPort(ref System.IntPtr PortHandle, ref NAlpc.UNICODE_STRING PortName, ref SECURITY_QUALITY_OF_SERVICE SecurityQos, ref PORT_VIEW ClientView, ref REMOTE_PORT_VIEW ServerView, ref uint MaxMessageLength, System.IntPtr ConnectionInformation, ref uint ConnectionInformationLength);
public static unsafe void ClientThread1()
{
G.SECURITY_QUALITY_OF_SERVICE SecurityQos;
UNICODE_STRING PortName;
int Status = 0;
IntPtr PortHandle = IntPtr.Zero;
uint MaxMessageLength = 0;
int MessageLength = sizeof(TRANSFERRED_MESSAGE);
int ReplyLength = sizeof(TRANSFERRED_MESSAGE);
uint PassCount;
// //
// // Allocate space for message to be transferred through LPC
// //
TRANSFERRED_MESSAGE LpcMessage = TRANSFERRED_MESSAGE.Create();
TRANSFERRED_MESSAGE LpcReply = TRANSFERRED_MESSAGE.Create();
for (PassCount = 0; PassCount < 3; PassCount++)
{
PortName.Length = (ushort)(LpcPortName.Length * 2);
PortName.MaximumLength = (ushort)(PortName.Length + 2);
PortName.buffer = Marshal.StringToHGlobalUni(LpcPortName);
SecurityQos = new G.SECURITY_QUALITY_OF_SERVICE();
SecurityQos.Length = (uint)sizeof(G.SECURITY_QUALITY_OF_SERVICE);
SecurityQos.ImpersonationLevel = SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation;
SecurityQos.EffectiveOnly = 0;
SecurityQos.ContextTrackingMode = 1; // SECURITY_DYNAMIC_TRACKING;
// _tprintf(_T("Client: Test sending LPC data of size less than 0x%lX bytes ...\n"), MAX_LPC_DATA);
// _tprintf(_T("Client: Connecting to port \"%s\" (NtConnectPort) ...\n"), LpcPortName);
uint sss = 0;
Status = G.NativeMethods.NtConnectPort_NoMarshal(ref PortHandle,
ref PortName,
ref SecurityQos,
IntPtr.Zero,
IntPtr.Zero,
ref MaxMessageLength,
IntPtr.Zero,
ref sss);
AlpcErrorHandler.Check(Status);
// _tprintf(_T("Client: NtConnectPort result 0x%08lX\n"), Status);
// //
// // Initialize the request header, reply header and fill request text
// //
G.PORT_MESSAGE.InitializeMessageHeader(ref LpcMessage.Header, (ushort)MessageLength, 0);
G.PORT_MESSAGE.InitializeMessageHeader(ref LpcReply.Header, (ushort)ReplyLength, 0);
LpcMessage.MessageText = 123.456;
if (PassCount == 0)
{
// _tprintf(_T("Client: Sending request, reply not required (NtRequestPort)\n"));
LpcMessage.Command = 123; //LPC_COMMAND_REQUEST_NOREPLY;
IntPtr asd = Marshal.AllocHGlobal(sizeof(TRANSFERRED_MESSAGE));
Marshal.StructureToPtr(LpcMessage, asd, false);
Status = G.NativeMethods.NtRequestPort_NoMarshal(PortHandle, asd);
AlpcErrorHandler.Check(Status);
// _tprintf(_T("Client: NtRequestPort result 0x%08lX\n"), Status);
Thread.Sleep(500);
}
// //
// // SECOND PASS: Send the request and wait for reply
// //
// if(PassCount == 1)
// {
// _tprintf(_T("Client: Sending request, waiting for reply (NtRequestWaitReplyPort)\n"));
// LpcMessage->Command = LPC_COMMAND_REQUEST_REPLY;
// Status = NtRequestWaitReplyPort(PortHandle, &LpcMessage->Header, &LpcReply->Header);
// _tprintf(_T("Client: NtRequestWaitReplyPort result 0x%08lX\n"), Status);
// Sleep(500);
// }
// //
// // THIRD PASS: Send the Stop command
// //
// if(PassCount == 2)
// {
// _tprintf(_T("Client: Sending STOP request, reply not required (NtRequestPort)\n"));
// LpcMessage->Command = LPC_COMMAND_STOP;
// Status = NtRequestPort(PortHandle, &LpcMessage->Header);
// _tprintf(_T("Client: NtRequestPort result 0x%08lX\n"), Status);
// Sleep(500);
// }
// //
// // Close the connected port
// //
// if(PortHandle != NULL)
// {
// _tprintf(_T("Client: Closing the port (NtClose) \n"));
// Status = NtClose(PortHandle);
// _tprintf(_T("Client: NtClose result 0x%08lX\n"), Status);
// }
}
}
public static extern int NtConnectPort_NoMarshal(ref System.IntPtr PortHandle, ref NAlpc.UNICODE_STRING PortName, ref SECURITY_QUALITY_OF_SERVICE SecurityQos, IntPtr ClientView, IntPtr ServerView, ref uint MaxMessageLength, System.IntPtr ConnectionInformation, ref uint ConnectionInformationLength);