PureBasic Forums - English

http://www.purebasic.com
https://www.purebasic.fr/english/

Enumerating available Transport Protocol Providers

https://www.purebasic.fr/english/viewtopic.php?t=47381

Page 1 of 1

Enumerating available Transport Protocol Providers

Posted: Mon Aug 29, 2011 7:30 pm
by SFSxOI
Finished with the test bed code, thought it might help someone. for x 86, preferably Windows 7 but modify to use. Enjoy :)

Code: Select all

; NOTE: This is intended for use on Windows 7 systems and not for below Windows Vista - with Winsock version 2.2 or greater
; test bed code works windows 2K and greater - may need to change WSAStartup($0202,@wsaData.WSADATA) to WSAStartup($0101,@wsaData.WSADATA) for below Windows Vista
; "test bed" code : may contain bugs or errors which will be corrected in the final version

#XP1_CONNECTIONLESS = $00000001
#XP1_GUARANTEED_DELIVERY = $00000002
#XP1_GUARANTEED_ORDER = $00000004
#XP1_MESSAGE_ORIENTED = $00000008
#XP1_PSEUDO_STREAM = $00000010
#XP1_GRACEFUL_CLOSE = $00000020
#XP1_EXPEDITED_DATA = $00000040
#XP1_CONNECT_DATA = $00000080
#XP1_DISCONNECT_DATA = $00000100
#XP1_SUPPORT_BROADCAST = $00000200
#XP1_SUPPORT_MULTIPOINT = $00000400
#XP1_MULTIPOINT_CONTROL_PLANE = $00000800
#XP1_MULTIPOINT_DATA_PLANE = $00001000
#XP1_QOS_SUPPORTED = $00002000
#XP1_INTERRUPT = $00004000 ; this bit is reserved
#XP1_UNI_SEND = $00008000
#XP1_UNI_RECV = $00010000
#XP1_IFS_HANDLES = $00020000
#XP1_PARTIAL_MESSAGE = $00040000
#XP1_SAN_SUPPORT_SDP = $00080000

#IPPROTO_ICMP = 1
#IPPROTO_IGMP = 2
#BTHPROTO_RFCOMM = 3
#IPPROTO_TCP = 6
#IPPROTO_UDP = 17
#IPPROTO_ICMPV6 = 58
#IPPROTO_RM = 113

#PFL_MULTIPLE_PROTO_ENTRIES = $00000001
#PFL_RECOMMENDED_PROTO_ENTRY = $00000002
#PFL_HIDDEN = $00000004
#PFL_MATCHES_PROTOCOL_ZERO = $00000008
#PFL_NETWORKDIRECT_PROVIDER = $00000010

#MAX_PROTOCOL_CHAIN = 7
#WSAPROTOCOL_LEN = 255

#AF_IPX = 6 ; = #AF_NS ; IPX protocols: IPX, SPX, etc.
#AF_INET6 = 23

#AF_NETBIOS = 17
#AF_IRDA = 26
#AF_BTH = 32

Structure WSAPROTOCOLCHAIN
  ChainLen.i
  ChainEntries.i[#MAX_PROTOCOL_CHAIN]
EndStructure

Structure WSAPROTOCOL_INFOW
  dwServiceFlags1.l
  dwServiceFlags2.l
  dwServiceFlags3.l
  dwServiceFlags4.l
  dwProviderFlags.l
  ProviderId.b[16]
  dwCatalogEntryId.l
  ProtocolChain.WSAPROTOCOLCHAIN 
  iVersion.i
  iAddressFamily.i
  iMaxSockAddr.i
  iMinSockAddr.i
  iSocketType.i
  iProtocol.i
  iProtocolMaxOffset.i
  iNetworkByteOrder.i
  iSecurityScheme.i
  dwMessageSize.l
  dwProviderReserved.l
  szProtocol.w[#WSAPROTOCOL_LEN+1]
EndStructure

Structure WSABUFFERPROTOCOL
  buf.WSAPROTOCOL_INFOW[0]
EndStructure

Prototype PWSAStartup(wVersionRequested, lpWSAData)
Prototype PStringFromGUID2(rguid, lpsz, cchMax)
Prototype PWSACleanup()
Prototype PWSCEnumProtocols(lpiProtocols, lpProtocolBuffer, lpdwBufferLength, lpErrno)
Prototype PWSCGetProviderPath(lpProviderId, lpszProviderDllPath, lpProviderDllPathLen, lpErrno) ; returns a wide character string

Global WSAStartup.PWSAStartup
Global StringFromGUID2.PStringFromGUID2
Global WSACleanup.PWSACleanup
Global WSCEnumProtocols.PWSCEnumProtocols
Global WSCGetProviderPath.PWSCGetProviderPath

Procedure LoadLibraries()
Global Lib_Winsock.i, Lib_Ole32.i

Lib_Winsock = OpenLibrary(#PB_Any,"ws2_32.dll")
If Lib_Winsock
  WSAStartup.PWSAStartup=GetFunction(Lib_Winsock,"WSAStartup")
  WSACleanup.PWSACleanup=GetFunction(Lib_Winsock,"WSACleanup")
  WSCEnumProtocols.PWSCEnumProtocols=GetFunction(Lib_Winsock,"WSCEnumProtocols")
  WSCGetProviderPath.PWSCGetProviderPath=GetFunction(Lib_Winsock,"WSCGetProviderPath")
EndIf

Lib_Ole32 = OpenLibrary(#PB_Any,"Ole32.dll")
If Lib_Ole32
  StringFromGUID2.PStringFromGUID2=GetFunction(Lib_Ole32,"StringFromGUID2")
EndIf

If Lib_Winsock <> 0 And Lib_Ole32 <> 0
  ProcedureReturn #True
Else
  ProcedureReturn #False
EndIf

EndProcedure


LoadLibraries()

;Declare And initialize variables
iResult.i = 0
iNuminfo.i = 0
i.i
dwBufferLen.i = 16384
*buffproto.WSABUFFERPROTOCOL = #Null
*lpProtoInfo.WSAPROTOCOL_INFOW = #Null
iErrno.i = 0
lpErrno.i
lpProviderDllPathLen = #MAX_PATH
iRet = 0

;Initialize Winsock
If WSAStartup($0202,@wsaData.WSADATA) <> 0 ; windows Vista and up
  Debug "WSAStartup failed"
  End
EndIf
; WSAStartup($0101,@wsaData.WSADATA) ; below windows Vista

*buffproto = AllocateMemory(dwBufferLen)
If *buffproto = #Null
  Debug "Memory allocation for providers buffer failed"
  WSACleanup()
  End
EndIf

iNuminfo = WSCEnumProtocols(#Null, #Null, @dwBufferLen, @iErrno) ; call it the first time for the size
If iNuminfo = #SOCKET_ERROR
  If iErrno <> #WSAENOBUFS
    Debug "WSCEnumProtocols failed with error : " +Str(iErrno)
    If *buffproto
      FreeMemory(*buffproto)
      *buffproto = #Null
      WSACleanup()
      End
    Else
      Debug "WSCEnumProtocols failed with error : WSAENOBUFS " + Str(iErrno)
      Debug "Increasing buffer size to " +Str(dwBufferLen)
      If *buffproto
        FreeMemory(*buffproto)
        *buffproto = #Null
        *buffproto = AllocateMemory(dwBufferLen)
        If *buffproto = #Null
          Debug "Memory allocation increase for buffer failed"
          WSACleanup()
          End
        EndIf
      EndIf
    EndIf
  EndIf
EndIf

*lpProtoInfo = *buffproto

iNuminfo = WSCEnumProtocols(#Null, *lpProtoInfo, @dwBufferLen, @iErrno); call it the second time for the info
If iNuminfo = #SOCKET_ERROR
  Debug "WSCEnumProtocols failed with error : " + Str(iErrno)
  If *lpProtoInfo
    FreeMemory(*lpProtoInfo)
    *lpProtoInfo = #Null
    WSACleanup()
    End
  EndIf
EndIf

;When providers are installed, a dummy provider is installed/created to aid in installation/implementation of the provider. An application that calls WSAEnumProtocols will not see any entry 
;with a chain length of zero or if it is a dummy provider; only WSCEnumProtocols will return these chain length zero and dummy provider entries, along with all other entries. 
;When trying to see these entries you need to use WSCEnumProtocols or you'll never see the provider dummy or chain length zero entries and only see the base and layered chain 
;non-zero and non-dummy entries. With increasing sophistication of malicious items such as virus, trojam, worm, root kit, and other malicious applications, its become possible for a 
;malicious item to subvert these dummy and zero length, or non-zero length and non-dummy, entries for their own purpose such as installing communications 'back doors' into a system 
;and not detectable by the common protection packages which rely on actual direct activity of the malicious file, or signatures, for detection but do nothing to detect activity for 
;things which are normally on a system such as these zero length, non-zero length, dummy, and non-dummy, items. There is only one package on the market, a specialized forensic package 
;costing over $3000.00 per license, which will explore this area in a comprehensive manner (actually more deeply than what is shown here), so its possible for malicious activity here to remain 
;undetected for a long time until something happens which points to this area (rare) or someone actually checks or the user thinks something is wrong by indicators such as abnormal data 
;usage or things simply not acting correctly communications wise but there are no indicators from normal AV/anti-malware packages. Some of the more recent hijacking activity techniques also 
;seems to favor attacking this area.
;
;Additionally, finding a problem here can also be the cause of things, such as abnormally high ping in on-line games, or slow, or no, loading of, or access to, network resources such as shares.
;It is also possible for a poorly designed and implemented provider for an application to have corrupted an existing entry and cause problems.
;
;Being able to see all the available transport protocol's basic information, including the dummy or chain length zero entries, allows us a chance to detect malicious, or other, activity and/or problems
;in this area when compared against the norm.
;
;We load all the functions from the proper .dll's in this example and do not use the 'function_(etc....)' use of PureBasic implementation of these API functions. We do this to make sure PB
;is not interactive in the API function implementation and to help ensure that malicious activity detection (implemented later) for winsock is isolated from PB to avoid any possibility of false detection. 

Debug "Winsock Catalog Available Transport Protocol Provider Entry (number available = " + Str(iNuminfo) + ")" 

For i = 0 To iNuminfo - 1
  
  Debug "----------------------------------------------------------"
  
  If *buffproto\buf[i]\ProtocolChain\ChainLen = 1
    entrytype$ = "Base Service Provider"
  ElseIf *buffproto\buf[i]\ProtocolChain\ChainLen = 0
    entrytype$ = "Layered Chain Entry"
  Else
    If *buffproto\buf[i]\ProtocolChain\ChainLen > 1
      entrytype$ = "A protocol chain consisting of one or more layered protocols on top of a base protocol."
    EndIf
  EndIf
  
  Debug "Entry type : " + entrytype$
  
  If entrytype$ = "Layered Chain Entry"
    Debug "(Note: A layered protocol is one that implements only higher level communications functions while relying on an underlying transport stack for actual data exchange with a remote endpoint.)"
  EndIf
  
  Debug "Description : " + PeekS(@*buffproto\buf[i]\szProtocol, -1, #PB_Unicode)
  
  *BufGuid = AllocateMemory(80)
  iRet = StringFromGUID2(@*buffproto\buf[i]\ProviderId, *BufGuid, 79)
  guid$ = PeekS(*BufGuid, -1, #PB_Unicode)
  FreeMemory(*BufGuid)
  
  Debug "Provider ID : " + guid$
  
  *lpszProviderDllPath = AllocateMemory(#MAX_PATH)
  wscerr.i = WSCGetProviderPath(@*buffproto\buf[i]\ProviderId, *lpszProviderDllPath, @lpProviderDllPathLen, @lpErrno)
  provpath$ = PeekS(*lpszProviderDllPath, -1, #PB_Unicode)
  FreeMemory(*lpszProviderDllPath)
  If provpath$ = ""
    *lpszProviderDllPath = #Null
    *lpszProviderDllPath = AllocateMemory(#MAX_PATH)
    wscerr.i = WSCGetProviderPath(@*buffproto\buf[i]\ProviderId, *lpszProviderDllPath, @lpProviderDllPathLen, @lpErrno)
    provpath$ = PeekS(*lpszProviderDllPath, -1, #PB_Unicode)
    FreeMemory(*lpszProviderDllPath)
  EndIf
  Debug "Provider Path : " + provpath$
  
  Debug "Catalog Entry ID : " + Str(*buffproto\buf[i]\dwCatalogEntryId)
  Debug "Version : " + Str(*buffproto\buf[i]\iVersion)
  
  Select *buffproto\buf[i]\iAddressFamily
    Case #AF_INET
      family$ = "The Internet Protocol version 4 (IPv4) address family."
    Case #AF_IPX
      family$ = "The IPX/SPX address family. Only supported if NWLink IPX/SPX NetBIOS Compatible Transport installed. Not supported on Windows Vista and later."
    Case #AF_APPLETALK
      family$ = "The AppleTalk address family. This address family is only supported if AppleTalk protocol is installed. Not supported on Windows Vista and later."
    Case #AF_NETBIOS
      family$ = "The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed."
    Case #AF_INET6
      family$ = "The Internet Protocol version 6 (IPv6) address family."
    Case #AF_IRDA
      family$ = "The Infrared Data Association (IrDA) address family. Only supported if computer has an infrared port and driver installed."
    Case #AF_BTH
      family$ = "The Bluetooth address family. Computer must have Bluetooth adapter and driver installed."
    Default
      family$ = "Unknown or undefined family type."
  EndSelect
  
  Debug "Address Family : " + family$ + " (" + Str(*buffproto\buf[i]\iAddressFamily) + ")"
  Debug "Maximum Address length : " + Str(*buffproto\buf[i]\iMaxSockAddr)
  Debug "Minimum Address length : " + Str(*buffproto\buf[i]\iMinSockAddr)
  
  Select *buffproto\buf[i]\iSocketType
    Case #SOCK_STREAM
      socktype$ = "Provides sequenced, reliable, two-way, connection-based byte streams with OOB Data transmission mechanism. Uses Transmission Control Protocol (TCP) for Internet address familys IPv4 and IPv6."
    Case #SOCK_DGRAM
      socktype$ = "Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6."
    Case #SOCK_RAW
      socktype$ = "Provides raw socket allowing an application to manipulate next upper-layer protocol header. To manipulate the IPv4 header, the IP_HDRINCL option must be set on socket. To manipulate IPv6 header IPV6_HDRINCL option must be set on the socket."
    Case #SOCK_RDM
      socktype$ = "Provides a reliable message datagram. Only supported If the Reliable Multicast Protocol is installed."
    Case #SOCK_SEQPACKET
      socktype$ = "Provides a pseudo-stream packet based on datagrams."
    Default
      socktype$ = "Unknown or undefined socket type"
  EndSelect
  
  Debug "Socket Type : " + socktype$ + " (" + Str(*buffproto\buf[i]\iSocketType) + ")"
  
  Select *buffproto\buf[i]\iProtocol
    Case #IPPROTO_ICMP
      ipproto$ = "Internet Control Message Protocol (ICMP)."
    Case #IPPROTO_IGMP
      ipproto$ = "Internet Group Management Protocol (IGMP)."
    Case #BTHPROTO_RFCOMM
      ipproto$ = "Bluetooth Radio Frequency Communications (Bluetooth RFCOMM) protocol."
    Case #IPPROTO_TCP
      ipproto$ = "Transmission Control Protocol (TCP)."
    Case #IPPROTO_UDP
      ipproto$ = "User Datagram Protocol (UDP)."
    Case #IPPROTO_ICMPV6
      ipproto$ = "Internet Control Message Protocol Version 6 (ICMPv6)."
    Case #IPPROTO_RM
      ipproto$ = "PGM protocol For reliable multicast. Only supported if the Reliable Multicast Protocol is installed."
    Default
      ipproto$ = "Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID."
  EndSelect
  
  Debug "Protocol : " + ipproto$ + " (" + Str(*buffproto\buf[i]\iProtocol) + ")"
  
  Select *buffproto\buf[i]\dwProviderFlags
    Case #PFL_MULTIPLE_PROTO_ENTRIES
      pfl$ = "This is one of two or more entries for a single protocol (from a given provider) capable of implementing multiple behaviors."
    Case #PFL_RECOMMENDED_PROTO_ENTRY
      pfl$ = "This is the recommended or most frequently used entry for a protocol that is capable of implementing multiple behaviors."
    Case #PFL_HIDDEN
      pfl$ = "Set by a provider indicating to Ws2_32.dll this protocol should not be returned in buffer generated by WSCEnumProtocols. Obviously, a Windows Sockets 2 application should never see an entry with this bit set."
    Case #PFL_MATCHES_PROTOCOL_ZERO
      pfl$ = "A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry."
    Case #PFL_NETWORKDIRECT_PROVIDER
      pfl$ = "Set by a provider indicating support for network direct access (supported Windows 7 and Windows Server 2008 R2 only)."
    Default
      pfl$ = "Unknown or provider flags not set (most likely)"
  EndSelect
  
  If *buffproto\buf[i]\dwProviderFlags = #PFL_HIDDEN
    Debug "Warning !!!!! Provider bit set to hide entry from protocol enumeration."
    Debug pfl$
    Debug "Warning !!!!! Provider bit set to hide entry from protocol enumeration."
  Else
    Debug "ProviderFlags : " + pfl$
  EndIf
  
  Debug "Protocol Chain Length : " + Str(*buffproto\buf[i]\ProtocolChain\ChainLen)
  
  Debug "Service Flags : " + "0x" +Hex(*buffproto\buf[i]\dwServiceFlags1) + "(below flags are set by provider vendor and do not indicate how the protocol functions or operates.)"
  
  ;// Check which bit flags are set.
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_CONNECTIONLESS)
    Debug "    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_GUARANTEED_DELIVERY)
    Debug "    Protocol guarantees that all data sent will reach the intended destination."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_GUARANTEED_ORDER)
    Debug "    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_MESSAGE_ORIENTED)
    Debug "    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_PSEUDO_STREAM)
    Debug "    Protocol is message-oriented protocol, but message boundaries are ignored for receipts. Convenient when application does not desire message framing done by protocol."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_GRACEFUL_CLOSE)
    Debug "    Protocol supports two-phase (graceful) close. If not set, only abortive closes performed."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_EXPEDITED_DATA)
    Debug "    Protocol supports expedited (urgent) data."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_CONNECT_DATA)
    Debug "    Protocol supports connect data."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_DISCONNECT_DATA)
    Debug "    Protocol supports disconnect data."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_SUPPORT_BROADCAST)
    Debug "    Protocol supports a broadcast mechanism."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_SUPPORT_MULTIPOINT)
    Debug "    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :"
  EndIf
  
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_SUPPORT_MULTIPOINT)
    If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_MULTIPOINT_CONTROL_PLANE) ;= 1
      Debug "           Protocol control plane is rooted (value = 1)."
    Else
      Debug "           Protocol control plane is nonrooted (value = 0)."
    EndIf
    If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_MULTIPOINT_DATA_PLANE) ;= 1
      Debug "           Protocol data plane is rooted (value = 1)."
    Else
      Debug "           Protocol data plane is nonrooted (value = 0)."
    EndIf
  EndIf
  
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_QOS_SUPPORTED)
    Debug "    Protocol supports quality of service requests."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_INTERRUPT)
    Debug "    This bit is reserved."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_UNI_SEND)
    Debug "    Protocol is unidirectional in the send direction."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_UNI_RECV)
    Debug "    Protocol is unidirectional in the recv direction"
  EndIf
  
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_UNI_SEND) = 0 And (*buffproto\buf[i]\dwServiceFlags1 & #XP1_UNI_RECV) = 0
    Debug "    Protocol is considered to be bidirectional."
  EndIf
  
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_IFS_HANDLES)
    Debug "    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_PARTIAL_MESSAGE)
    Debug "    Protocol MSG_PARTIAL flag is supported in WSASend and WSASendTo."
  EndIf
  If (*buffproto\buf[i]\dwServiceFlags1 & #XP1_SAN_SUPPORT_SDP)
    Debug "    Protocol provides support for SAN. Supported on Windows 7 And Windows Server 2008 R2."
  EndIf
  
Next

If *lpProtoInfo
  FreeMemory(*lpProtoInfo)
  *lpProtoInfo = #Null
EndIf


WSACleanup()
CloseLibrary(Lib_Winsock)
CloseLibrary(Lib_Ole32)

Re: Enumerating available Transport Protocol Providers

Posted: Tue Aug 30, 2011 10:09 pm
by buddymatkona
Thanks SFSxOI . I like having source examples for this kind of thing. Your data generally matches what I get from

Code: Select all

netsh winsock show catalog > MyList.txt
There was a problem however with entries from "Version" through "Protocol" that looked like oversize integers being used.
I was running the 64 bit versions of PB 4.51 and Windows 7.

Also in terms of the overall number of Transport Protocol Providers, Windows 7-64 lists 20 to your 10 due to listing
a separate Base Service Provider (32) for each Base Service Provider.

Re: Enumerating available Transport Protocol Providers

Posted: Wed Aug 31, 2011 1:55 am
by SFSxOI
Thats possibly because I used API functions for all x86 (as the code was intended for x86), there is a 64 bit equal for the API's used. For example, replace WSCEnumProtocols With WSCEnumProtocols32 and replace WSCGetProviderPath With WSCGetProviderPath32 - on 64 bit systems ...

This was only test bed code, the final version will have anything needing correction - corrected.

For a default install of Windows 7 x86, with full support in drivers and hardware, the number is 22.

Try changing out the API functions with the ones intended for use on 64 bit and see what happens. As its written now, the posted code works here on several x86 Windows 7 test machines just fine and reports correctly.

That 'seperate' 'additional' (if I understand your post correctly) base provider is most likely a dummy (or zero length chain) provider thats installed/created as explained in the code comments. They are supposed to show up with the WSC version of the enum API (but is not supposed to show with the WSA version) - if they do not show up with the WSC versions then there may be a problem somewhere on the target machine. There is nothing really different between the OS flavors for providers (just more of a pain to install a provider on 64 bit). People always think that 64 bit means something special and everything in the OS is 64 bit, it doesn't mean anything special in this aspect.

You can check out what is supposed to be there by using a netsh command in an administrator command prompt. The command is 'netsh winsock show catalog' (without the ' ') and you will get a list of the transport protocol's like this code provides plus a list of active name spaces at the bottom of the list. There is seperate code for the active name spaces, this is the basic code for those active name spaces:

(NOTE: you will need to add your own calls to the .dll to get the API for the name spaces code if you need to do so, I did not include it here.)

Code: Select all


Structure WSANAMESPACE_INFO ;->Structure WSANAMESPACE_INFO
  NSProviderId.b[16]
  dwNameSpace.l
  fActive.l
  dwVersion.l
  lpszIdentifier.s
EndStructure

Structure WSABUFFER
  buf.WSANAMESPACE_INFO[0]
EndStructure

Procedure ActiveNameSpace()
*buff.WSABUFFER = #Null ; char
*ns.WSANAMESPACE_INFO = #Null
ret.i
i.i
dwSize.i

; start up winsock - version 2.2 - if you have not already called WSAStartup then uncomment below
; If WSAStartup($0202,@wsaData.WSADATA) <> 0
;   Debug "WSAStartup failed"
;   End
; EndIf

;Call the API With a NULL buffer to get buffer size we need
dwSize = 0
ret = WSAEnumNameSpaceProviders(@dwSize, #Null)
If ret <> #SOCKET_ERROR
  Debug "Shouldn't be here!"
Else
  ;Debug "WSAEnumNameSpaceProviders() should be OK"
  ; allocate dwSize
  *buff = AllocateMemory(dwSize)
  If *buff = #Null
    Debug "Failed to allocate memory for buff"
    WSACleanup()
    CloseLibrary(Lib_iphlpapi)
    CloseLibrary(Lib_Winsock)
    CloseLibrary(Lib_Ntdll)
    CloseLibrary(Lib_Wininet)
    CloseLibrary(Lib_Ole32)
    CloseLibrary(Lib_Winhttp)
    End
  Else
    ;Debug "Allocate memory for buff is OK - size is : " +Str(dwSize)
  EndIf
EndIf

;Make the call again to get info

*ns = *buff

ret = WSAEnumNameSpaceProviders(@dwSize, *ns)
If ret = #SOCKET_ERROR
  Debug "WSAEnumNameSpaceProviders() failed with error code " + Str(WSAGetLastError_())
  FreeMemory(*buff)
  WSACleanup()
  CloseLibrary(Lib_iphlpapi)
  CloseLibrary(Lib_Winsock)
  CloseLibrary(Lib_Ntdll)
  CloseLibrary(Lib_Wininet)
  CloseLibrary(Lib_Ole32)
  CloseLibrary(Lib_Winhttp)
  End
Else
  Debug "Winsock Catalog Active Name Space (number available = " + Str(ret) + ")"
EndIf

For i = 0 To ret - 1
  
  Debug "----------------------------------------------------------"
  
Debug "Description : " + PeekS(@*buff\buf[i]\lpszIdentifier)

*BufGuid = AllocateMemory(80)
iRet = StringFromGUID2_(@*buff\buf[i]\NSProviderId, *BufGuid, 79)
guid$ = PeekS(*BufGuid, -1, #PB_Unicode)
FreeMemory(*BufGuid) ; if read error here then allocatememory for *BufGuid may be too small

Debug "Provider ID : " + guid$

Select *buff\buf[i]\dwNameSpace
  Case #NS_DNS
    dwNameSpace$ = "Domain Name System "
  Case #NS_WINS
    dwNameSpace$ = "Windows Internet Naming Service "
  Case #NS_NETBT
    dwNameSpace$ = "NetBIOS " 
  Case #NS_NTDS
    dwNameSpace$ = "Windows NT Directory Services "
  Case #NS_NLA
    dwNameSpace$ = "Network Location Awareness "
  Case #NS_BTH
    dwNameSpace$ = "Bluetooth "
  Case #NS_EMAIL
    dwNameSpace$ = "Email " 
  Case #NS_PNRPNAME
    dwNameSpace$ = "Peer-to-peer "
  Case #NS_PNRPCLOUD
    dwNameSpace$ = "Peer-to-peer collection "
  Default
    dwNameSpace$ = "Other value "
EndSelect

Debug "Name Space : " + dwNameSpace$ + "( " + Str(*buff\buf[i]\dwNameSpace) + " )"

If *buff\buf[i]\fActive = 1
  fActive$ = "Yes"
Else
  fActive$ = "No"
EndIf

Debug "Active : " + fActive$

Debug "Version : " + Str(*buff\buf[i]\dwVersion)

Next
; if you did WSAStartUp then also don not forget
; WSACleanup() ; when your done with winsock
EndProcedure
A note on name spaces, only the ones that are active are suppose to return in a query. If you see one that shows up in a query but its not marked as active then there could be a problem.

This is what a default fully supporting x86 Windows 7 install provides for transport providers and name spaces (including with Windows Live which are the name space entries at the very bottom):

Code: Select all

Winsock Catalog Available Transport Protocol Provider Entry (number available = 22)
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [TCP/IP]
Provider ID : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1001
Version : 2
Address Family : The Internet Protocol version 4 (IPv4) address family. (2)
Maximum Address length : 16
Minimum Address length : 16
Socket Type : Provides sequenced, reliable, two-way, connection-based byte streams with OOB Data transmission mechanism. Uses Transmission Control Protocol (TCP) for Internet address familys IPv4 and IPv6. (1)
Protocol : Transmission Control Protocol (TCP). (6)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x20066 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol supports two-phase (graceful) close. If not set, only abortive closes performed.
    Protocol supports expedited (urgent) data.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [UDP/IP]
Provider ID : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1002
Version : 2
Address Family : The Internet Protocol version 4 (IPv4) address family. (2)
Maximum Address length : 16
Minimum Address length : 16
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : User Datagram Protocol (UDP). (17)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x20609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [RAW/IP]
Provider ID : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1003
Version : 2
Address Family : The Internet Protocol version 4 (IPv4) address family. (2)
Maximum Address length : 16
Minimum Address length : 16
Socket Type : Provides raw socket allowing an application to manipulate next upper-layer protocol header. To manipulate the IPv4 header, the IP_HDRINCL option must be set on socket. To manipulate IPv6 header IPV6_HDRINCL option must be set on the socket. (3)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (0)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [TCP/IPv6]
Provider ID : {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1004
Version : 2
Address Family : The Internet Protocol version 6 (IPv6) address family. (23)
Maximum Address length : 28
Minimum Address length : 28
Socket Type : Provides sequenced, reliable, two-way, connection-based byte streams with OOB Data transmission mechanism. Uses Transmission Control Protocol (TCP) for Internet address familys IPv4 and IPv6. (1)
Protocol : Transmission Control Protocol (TCP). (6)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x20066 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol supports two-phase (graceful) close. If not set, only abortive closes performed.
    Protocol supports expedited (urgent) data.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [UDP/IPv6]
Provider ID : {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1005
Version : 2
Address Family : The Internet Protocol version 6 (IPv6) address family. (23)
Maximum Address length : 28
Minimum Address length : 28
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : User Datagram Protocol (UDP). (17)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x20609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD Tcpip [RAW/IPv6]
Provider ID : {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1006
Version : 2
Address Family : The Internet Protocol version 6 (IPv6) address family. (23)
Maximum Address length : 28
Minimum Address length : 28
Socket Type : Provides raw socket allowing an application to manipulate next upper-layer protocol header. To manipulate the IPv4 header, the IP_HDRINCL option must be set on socket. To manipulate IPv6 header IPV6_HDRINCL option must be set on the socket. (3)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (0)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : RSVP TCPv6 Service Provider
Provider ID : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1011
Version : 2
Address Family : The Internet Protocol version 6 (IPv6) address family. (23)
Maximum Address length : 28
Minimum Address length : 28
Socket Type : Provides sequenced, reliable, two-way, connection-based byte streams with OOB Data transmission mechanism. Uses Transmission Control Protocol (TCP) for Internet address familys IPv4 and IPv6. (1)
Protocol : Transmission Control Protocol (TCP). (6)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x22066 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol supports two-phase (graceful) close. If not set, only abortive closes performed.
    Protocol supports expedited (urgent) data.
    Protocol supports quality of service requests.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : RSVP TCP Service Provider
Provider ID : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1012
Version : 2
Address Family : The Internet Protocol version 4 (IPv4) address family. (2)
Maximum Address length : 16
Minimum Address length : 16
Socket Type : Provides sequenced, reliable, two-way, connection-based byte streams with OOB Data transmission mechanism. Uses Transmission Control Protocol (TCP) for Internet address familys IPv4 and IPv6. (1)
Protocol : Transmission Control Protocol (TCP). (6)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x22066 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol supports two-phase (graceful) close. If not set, only abortive closes performed.
    Protocol supports expedited (urgent) data.
    Protocol supports quality of service requests.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : RSVP UDPv6 Service Provider
Provider ID : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1013
Version : 2
Address Family : The Internet Protocol version 6 (IPv6) address family. (23)
Maximum Address length : 28
Minimum Address length : 28
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : User Datagram Protocol (UDP). (17)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x22609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol supports quality of service requests.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : RSVP UDP Service Provider
Provider ID : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1014
Version : 2
Address Family : The Internet Protocol version 4 (IPv4) address family. (2)
Maximum Address length : 16
Minimum Address length : 16
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : User Datagram Protocol (UDP). (17)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x22609 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol supports a multipoint or multicast mechanism. Control and data plane attributes are indicated below :
           Protocol control plane is nonrooted (value = 0).
           Protocol data plane is nonrooted (value = 0).
    Protocol supports quality of service requests.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip_{900F6D10-9D5C-434C-B1CC-7D8F53079D05}] SEQPACKET 6
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1339
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-6)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip_{900F6D10-9D5C-434C-B1CC-7D8F53079D05}] DATAGRAM 6
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1340
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-6)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{80672C7B-F4B8-4C18-B642-B73A86AC3580}] SEQPACKET 5
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1341
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-5)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{80672C7B-F4B8-4C18-B642-B73A86AC3580}] DATAGRAM 5
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1342
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-5)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{900F6D10-9D5C-434C-B1CC-7D8F53079D05}] SEQPACKET 7
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1343
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-7)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{900F6D10-9D5C-434C-B1CC-7D8F53079D05}] DATAGRAM 7
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1344
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-7)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7AD4C364-A77F-4B1A-BE9E-80420A6171C6}] SEQPACKET 4
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1345
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-4)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7AD4C364-A77F-4B1A-BE9E-80420A6171C6}] DATAGRAM 4
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1346
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-4)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{2E3B0927-7368-43E4-BDE7-9AABDBA79F95}] SEQPACKET 3
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1347
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-3)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{2E3B0927-7368-43E4-BDE7-9AABDBA79F95}] DATAGRAM 3
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1348
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-3)
ProviderFlags : Unknown or provider flags not set (most likely)
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DEF01644-0269-4DF3-8C66-7C39330C318D}] SEQPACKET 0
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1349
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Provides a pseudo-stream packet based on datagrams. (5)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-2147483648)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x2000E (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol guarantees that all data sent will reach the intended destination.
    Protocol guarantees that data arrives in order sent and is not duplicated. This does not necessarily mean data is always delivered, but that any data delivered is delivered in the order sent.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------
Entry type : Base Service Provider
Description : MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DEF01644-0269-4DF3-8C66-7C39330C318D}] DATAGRAM 0
Provider ID : {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path : %SystemRoot%\system32\mswsock.dll
Catalog Entry ID : 1350
Version : 2
Address Family : The NetBIOS address family. Only supported if the Windows Sockets provider for NetBIOS is installed. (17)
Maximum Address length : 20
Minimum Address length : 20
Socket Type : Supports datagrams, which are connectionless, unreliable buffers of a fixed (typically small) maximum length. Uses User Datagram Protocol (UDP) for Internet address familys IPv4 and IPv6. (2)
Protocol : Unknown, undefined, not configured. disabled, requires other components. or not applicapable for this entry. Note: Only one protocol needs to be set per Provider ID catalog entry ID. (-2147483648)
ProviderFlags : A value of zero in the protocol parameter of socket or WSASocket matches this protocol entry.
Protocol Chain Length : 1
Service Flags : 0x20209 (below flags are set by provider vendor and do not indicate how the protocol functions or operates.)
    Protocol provides connectionless (datagram) service. If not set, the protocol supports connection-oriented data transfer.
    Protocol honors message boundaries as opposed to a stream-oriented protocol where there is no concept of message boundaries.
    Protocol supports a broadcast mechanism.
    Protocol is considered to be bidirectional.
    Protocol socket descriptors returned by provider are operating system Installable File System (IFS) handles.
----------------------------------------------------------

Winsock Catalog Active Name Space (number available = 8)
----------------------------------------------------------
Description : Network Location Awareness Legacy (NLAv1) Namespace
Provider ID : {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Name Space : Network Location Awareness ( 15 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : E-mail Naming Shim Provider
Provider ID : {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Name Space : Email ( 37 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : PNRP Cloud Namespace Provider
Provider ID : {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Name Space : Peer-to-peer collection ( 39 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : PNRP Name Namespace Provider
Provider ID : {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Name Space : Peer-to-peer ( 38 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : Tcpip
Provider ID : {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Name Space : Domain Name System ( 12 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : NTDS
Provider ID : {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Name Space : Windows NT Directory Services ( 32 )
Active : Yes
Version : 0
----------------------------------------------------------
Description : WindowsLive NSP
Provider ID : {4177DDE9-6028-479E-B7B7-03591A63FF3A}
Name Space : Domain Name System ( 12 )
Active : Yes
Version : 1
----------------------------------------------------------
Description : WindowsLive Local NSP
Provider ID : {229F2A2C-5F18-4A06-8F89-3A372170624D}
Name Space : Other value ( 19 )
Active : Yes
Version : 1
And... to give an example of the types of entries that should not appear...these are some entries from a 64 bit version of Windows 7 where the users computer was compromised by association with the install of some Layered Service Providers (LSP) which were exploited later. The symptoms were intermittant high latency in a game or connection intensive activity lasting a few seconds and a connection that would very intermittantly quit working for a few seconds, and sometimes a known good web page would not load on the first try, seemed like a possible ISP related problem but that turned out not to be the case. Malware/hijackers/viruses/trojans/worms/root kits, some of them seem to like this area, so people should check the providers and name spaces areas also because there is no antivirus package for the common consumer on the market that will detect errant activity in this area and warn you about it. No software that is not native to the operating system or supplied by the operating system vendor, or is not specifically for connection hardware (like a driver), should be installing an LSP, and its just not a windows thing either, it applies to Mac's and Linux too.

Code: Select all

Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry 
Description: PCTOOLS over [MSAFD Tcpip [TCP/IP]] 
Provider ID: {3260ADA5-D6C8-416C-A579-740B83323B61} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1019 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x66 
Protocol Chain Length: 2 
Protocol Chain: 1018 : 1001 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry 
Description: PCTOOLS over [MSAFD Tcpip [UDP/IP]] 
Provider ID: {3260ADA5-D6C8-416C-A579-740B83323B61} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1020 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 2 
Protocol: 17 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1018 : 1002 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry 
Description: PCTOOLS over [MSAFD Tcpip [RAW/IP]] 
Provider ID: {3260ADA5-D6C8-416C-A579-740B83323B61} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1021 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 3 
Protocol: 0 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1018 : 1003 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry 
Description: PCTOOLS over [MSAFD Tcpip [TCP/IPv6]] 
Provider ID: {3260ADA5-D6C8-416C-A579-740B83323B61} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1022 
Version: 2 
Address Family: 23 
Max Address Length: 28 
Min Address Length: 28 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x66 
Protocol Chain Length: 2 
Protocol Chain: 1018 : 1004 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry 
Description: PCTOOLS over [MSAFD Tcpip [UDP/IPv6]] 
Provider ID: {3260ADA5-D6C8-416C-A579-740B83323B61} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1023 
Version: 2 
Address Family: 23 
Max Address Length: 28 
Min Address Length: 28 
Socket Type: 2 
Protocol: 17 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1018 : 1005

Entry Type: Layered Service Provider 
Description: PCTOOLS CONTENT FILTER PROVIDER 
Provider ID: {7F9EB0B5-7444-4497-AEEF-D0E2C76F9FAD} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll 
Catalog Entry ID: 1018 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x0 
Protocol Chain Length: 0 

Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [TCP/IP]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1012 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x66 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1001 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [UDP/IP]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1013 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 2 
Protocol: 17 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1002 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [RAW/IP]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1014 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 3 
Protocol: 0 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1003 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [TCP/IPv6]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1015 
Version: 2 
Address Family: 23 
Max Address Length: 28 
Min Address Length: 28 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x66 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1004 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [UDP/IPv6]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1016 
Version: 2 
Address Family: 23 
Max Address Length: 28 
Min Address Length: 28 
Socket Type: 2 
Protocol: 17 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1005 


Winsock Catalog Provider Entry 
------------------------------------------------------ 
Entry Type: Layered Chain Entry (32) 
Description: PCTOOLS over [MSAFD Tcpip [RAW/IPv6]] 
Provider ID: {DA959FEB-FEC7-4B46-AB8A-125AF81CC03D} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1017 
Version: 2 
Address Family: 23 
Max Address Length: 28 
Min Address Length: 28 
Socket Type: 3 
Protocol: 0 
Service Flags: 0x609 
Protocol Chain Length: 2 
Protocol Chain: 1011 : 1006


Winsock Catalog Provider Entry 
------------------------------------------------------
Entry Type: Layered Service Provider (32) 
Description: PCTOOLS CONTENT FILTER PROVIDER 
Provider ID: {7F9EB0B5-7444-4497-AEEF-D0E2C76F9FAD} 
Provider Path: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll 
Catalog Entry ID: 1011 
Version: 2 
Address Family: 2 
Max Address Length: 16 
Min Address Length: 16 
Socket Type: 1 
Protocol: 6 
Service Flags: 0x0 
Protocol Chain Length: 0



buddymatkona wrote: There was a problem however with entries from "Version" through "Protocol" that looked like oversize integers being used.
I was running the 64 bit versions of PB 4.51 and Windows 7.
This is the structure, from the MSDN and in the Windows 7 SDK:

Code: Select all

typedef struct _WSAPROTOCOL_INFOW {
  DWORD            dwServiceFlags1;
  DWORD            dwServiceFlags2;
  DWORD            dwServiceFlags3;
  DWORD            dwServiceFlags4;
  DWORD            dwProviderFlags;
  GUID             ProviderId;
  DWORD            dwCatalogEntryId;
  WSAPROTOCOLCHAIN ProtocolChain;
  int              iVersion;
  int              iAddressFamily;
  int              iMaxSockAddr;
  int              iMinSockAddr;
  int              iSocketType;
  int              iProtocol;
  int              iProtocolMaxOffset;
  int              iNetworkByteOrder;
  int              iSecurityScheme;
  DWORD            dwMessageSize;
  DWORD            dwProviderReserved;
  WCHAR            szProtocol[WSAPROTOCOL_LEN+1];
} WSAPROTOCOL_INFOW, *LPWSAPROTOCOL_INFOW;
iVersion through iProtocol are of the type int according to the MSDN and the Win 7 SDK. According to MS, their type definition for the type int is "A 32-bit signed integer. The range is -2147483648 through 2147483647 decimal."

According to the Pure Basic help:

Long .l 4 bytes -2147483648 to +2147483647 (suits the MS definition of an int)
Integer .i 4 bytes (32 bits) -2147483648 to +2147483647 (suits the MS definition of an int)
Integer .i 8 bytes (64 bits) -9223372036854775808 to +9223372036854775807 (but, while in range, does not suit the MS definition for int or DWORD as .i in PB for 64 bit is 8 bytes and the structure needs 4 bytes.)

Maybe try a .l instead as the "oversized" integers your seeing may be that an .i on 64 bit Windows is 8 bytes and not 4 bytes. So for 64 bit Windows, change out iVersion through iSecurityScheme in the structure and make them .l and see what happens for you. the .i works ok here on 32 bit.

So you may need to make some adjustments for 64 bit Windows.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited