Improve network hostname lookup performance, Fix incorrect local address hostname lookup when using hostsfile

dmex · dmex · commit b1461f151a2a · 2019-02-24T12:54:33.000+01:00
diff --git a/ProcessHacker/ProcessHacker.vcxproj b/ProcessHacker/ProcessHacker.vcxproj
@@ -106,14 +106,14 @@
       <StringPooling>true</StringPooling>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>aclui.lib;comctl32.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>aclui.lib;comctl32.lib;dnsapi.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <SubSystem>Windows</SubSystem>
       <TargetMachine>MachineX86</TargetMachine>
       <MinimumRequiredVersion>6.01</MinimumRequiredVersion>
       <AdditionalLibraryDirectories>$(SolutionDir)phlib\bin\$(Configuration)$(PlatformArchitecture);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>ProcessHacker.def</ModuleDefinitionFile>
-      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
+      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;dnsapi.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
     </Link>
     <ResourceCompile>
       <PreprocessorDefinitions>_UNICODE;UNICODE;%(PreprocessorDefinitions);$(ExternalCompilerOptions)</PreprocessorDefinitions>
@@ -138,14 +138,14 @@
       <StringPooling>true</StringPooling>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>aclui.lib;comctl32.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>aclui.lib;comctl32.lib;dnsapi.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <SubSystem>Windows</SubSystem>
       <TargetMachine>MachineX64</TargetMachine>
       <MinimumRequiredVersion>6.01</MinimumRequiredVersion>
       <AdditionalLibraryDirectories>$(SolutionDir)phlib\bin\$(Configuration)$(PlatformArchitecture);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>ProcessHacker.def</ModuleDefinitionFile>
-      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
+      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;dnsapi.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
     </Link>
     <ResourceCompile>
       <PreprocessorDefinitions>_UNICODE;UNICODE;%(PreprocessorDefinitions);$(ExternalCompilerOptions)</PreprocessorDefinitions>
@@ -175,7 +175,7 @@
       <ControlFlowGuard>Guard</ControlFlowGuard>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>aclui.lib;comctl32.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>aclui.lib;comctl32.lib;dnsapi.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SubSystem>Windows</SubSystem>
       <OptimizeReferences>true</OptimizeReferences>
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
@@ -184,7 +184,7 @@
       <MinimumRequiredVersion>6.01</MinimumRequiredVersion>
       <AdditionalLibraryDirectories>$(SolutionDir)phlib\bin\$(Configuration)$(PlatformArchitecture);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>ProcessHacker.def</ModuleDefinitionFile>
-      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
+      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;dnsapi.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
       <GenerateDebugInformation>true</GenerateDebugInformation>
     </Link>
     <ResourceCompile>
@@ -213,7 +213,7 @@
       <ControlFlowGuard>Guard</ControlFlowGuard>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>aclui.lib;comctl32.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>aclui.lib;comctl32.lib;dnsapi.lib;iphlpapi.lib;noarg.obj;noenv.obj;ntdll.lib;phlib.lib;shlwapi.lib;userenv.lib;uxtheme.lib;version.lib;wbemuuid.lib;windowscodecs.lib;winsta.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SubSystem>Windows</SubSystem>
       <OptimizeReferences>true</OptimizeReferences>
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
@@ -222,7 +222,7 @@
       <MinimumRequiredVersion>6.01</MinimumRequiredVersion>
       <AdditionalLibraryDirectories>$(SolutionDir)phlib\bin\$(Configuration)$(PlatformArchitecture);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>ProcessHacker.def</ModuleDefinitionFile>
-      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
+      <DelayLoadDLLs>advapi32.dll;aclui.dll;comdlg32.dll;comctl32.dll;dnsapi.dll;gdi32.dll;iphlpapi.dll;oleaut32.dll;ole32.dll;shell32.dll;shlwapi.dll;userenv.dll;user32.dll;uxtheme.dll;version.dll;winsta.dll;ws2_32.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
       <GenerateDebugInformation>true</GenerateDebugInformation>
     </Link>
     <ResourceCompile>
diff --git a/ProcessHacker/netprv.c b/ProcessHacker/netprv.c
@@ -4,6 +4,7 @@
  *
  * Copyright (C) 2010 wj32
  * Copyright (C) 2010 evilpie
+ * Copyright (C) 2016-2019 dmex
  *
  * This file is part of Process Hacker.
  *
@@ -284,9 +285,9 @@ PPH_STRING PhGetHostNameFromAddress(
     _In_ PPH_IP_ADDRESS Address
     )
 {
-    struct sockaddr_in ipv4Address;
-    struct sockaddr_in6 ipv6Address;
-    struct sockaddr *address;
+    SOCKADDR_IN ipv4Address;
+    SOCKADDR_IN6 ipv6Address;
+    PSOCKADDR address;
     socklen_t length;
     PPH_STRING hostName;
 
@@ -295,7 +296,7 @@ PPH_STRING PhGetHostNameFromAddress(
         ipv4Address.sin_family = AF_INET;
         ipv4Address.sin_port = 0;
         ipv4Address.sin_addr = Address->InAddr;
-        address = (struct sockaddr *)&ipv4Address;
+        address = (PSOCKADDR)&ipv4Address;
         length = sizeof(ipv4Address);
     }
     else if (Address->Type == PH_IPV6_NETWORK_TYPE)
@@ -305,7 +306,7 @@ PPH_STRING PhGetHostNameFromAddress(
         ipv6Address.sin6_flowinfo = 0;
         ipv6Address.sin6_addr = Address->In6Addr;
         ipv6Address.sin6_scope_id = 0;
-        address = (struct sockaddr *)&ipv6Address;
+        address = (PSOCKADDR)&ipv6Address;
         length = sizeof(ipv6Address);
     }
     else
@@ -350,6 +351,84 @@ PPH_STRING PhGetHostNameFromAddress(
     return hostName;
 }
 
+PPH_STRING PhpGetIp4ReverseNameFromAddress(
+    _In_ IN_ADDR Address
+    )
+{
+    return PhFormatString(
+        L"%u.%u.%u.%u.%s",
+        Address.s_impno,
+        Address.s_lh,
+        Address.s_host,
+        Address.s_net,
+        DNS_IP4_REVERSE_DOMAIN_STRING_W
+        );
+}
+
+PPH_STRING PhpGetIp6ReverseNameFromAddress(
+    _In_ IN6_ADDR Address
+    )
+{
+    PH_STRING_BUILDER stringBuilder;
+
+    PhInitializeStringBuilder(&stringBuilder, 32);
+
+    for (INT i = sizeof(IN6_ADDR) - 1; i >= 0; i--)
+    {
+        PhAppendFormatStringBuilder(
+            &stringBuilder,
+            L"%x.%x.",
+            Address.s6_addr[i] & 0xF,
+            (Address.s6_addr[i] >> 4) & 0xF
+            );
+    }
+
+    PhAppendStringBuilder2(&stringBuilder, DNS_IP6_REVERSE_DOMAIN_STRING_W);
+
+    return PhFinalStringBuilderString(&stringBuilder);
+}
+
+PPH_STRING PhGetHostNameFromAddressEx(
+    _In_ PPH_IP_ADDRESS Address
+    )
+{
+    PPH_STRING addressHostName = NULL;
+    PPH_STRING addressReverse = NULL;
+    PDNS_RECORD addressResults = NULL;
+
+    if (Address->Type == PH_IPV4_NETWORK_TYPE)
+    {
+        addressReverse = PhpGetIp4ReverseNameFromAddress(Address->InAddr);
+    }
+    else if (Address->Type == PH_IPV6_NETWORK_TYPE)
+    {
+        addressReverse = PhpGetIp6ReverseNameFromAddress(Address->In6Addr);
+    }
+    else
+    {
+        return NULL;
+    }
+
+    DnsQuery(
+        addressReverse->Buffer,
+        DNS_TYPE_PTR,
+        DNS_QUERY_BYPASS_CACHE | DNS_QUERY_NO_HOSTS_FILE,
+        NULL,
+        &addressResults,
+        NULL
+        );
+
+    if (addressResults)
+    {
+        addressHostName = PhCreateString(addressResults->Data.PTR.pNameHost); // Return the first result (dmex)
+        DnsRecordListFree(addressResults, DnsFreeRecordList);
+    }
+
+    PhDereferenceObject(addressReverse);
+
+    return addressHostName;
+}
+
 NTSTATUS PhpNetworkItemQueryWorker(
     _In_ PVOID Parameter
     )
@@ -366,7 +445,7 @@ NTSTATUS PhpNetworkItemQueryWorker(
 
     if (!cacheItem)
     {
-        hostString = PhGetHostNameFromAddress(&data->Address);
+        hostString = PhGetHostNameFromAddressEx(&data->Address);
 
         if (hostString)
         {
@@ -492,8 +571,7 @@ VOID PhNetworkProviderUpdate(
     if (!NetworkImportDone)
     {
         WSADATA wsaData;
-
-        // Make sure WSA is initialized.
+        // Make sure WSA is initialized. (wj32)
         WSAStartup(WINSOCK_VERSION, &wsaData);
         NetworkImportDone = TRUE;
     }
