Support querying the number and kind of timestamps supported. Fixes n…

…map#174

Common/Packet32.h

@@ -374,6 +374,7 @@ extern "C"
 	BOOLEAN PacketSetBpf(LPADAPTER AdapterObject, struct bpf_program* fp);
 	BOOLEAN PacketSetLoopbackBehavior(LPADAPTER  AdapterObject, UINT LoopbackBehavior);
 	BOOLEAN PacketSetTimestampMode(LPADAPTER AdapterObject, ULONG mode);
+	BOOLEAN PacketGetTimestampModes(LPADAPTER AdapterObject, PULONG modes, PULONG BufferSize);
 	INT PacketSetSnapLen(LPADAPTER AdapterObject, int snaplen);
 	BOOLEAN PacketGetStats(LPADAPTER AdapterObject, struct bpf_stat* s);
 	BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject, struct bpf_stat* s);

packetWin7/Dll/Packet.def

@@ -38,4 +38,5 @@ EXPORTS
 		PacketIsDumpEnded
 		PacketSetLoopbackBehavior
 		PacketSetTimestampMode
+		PacketGetTimestampModes
 		PacketGetAirPcapHandle

packetWin7/Dll/Packet32.cpp

@@ -3196,6 +3196,39 @@ BOOLEAN PacketSetTimestampMode(LPADAPTER AdapterObject, ULONG mode)
 	return result;
 }
 
+/*!
+  \brief Retrieve the list of supported timestamp modes on an adapter
+  \param pModes User allocated array that will be filled with the available timestamp modes. First element is the length of the array minus 1.
+  \return If the function succeeds, the return value is nonzero. If the return value is zero, pModes[0] contains 
+          the number of ULONGs that are needed to contain the timestamp mode list.
+	  */
+BOOLEAN PacketGetTimestampModes(LPADAPTER AdapterObject, PULONG pModes, PULONG pNumModes)
+{
+	BOOLEAN result = FALSE;
+	DWORD BytesReturned = 0;
+	TRACE_ENTER();
+
+	if (AdapterObject->Flags != INFO_FLAG_NDIS_ADAPTER)
+	{
+		*pNumModes = 0;
+		TRACE_PRINT("PacketGetTimestampMode: not allowed on non-NPF adapters");
+		TRACE_EXIT();
+		SetLastError(ERROR_NOT_SUPPORTED);
+		return FALSE;
+	}
+
+	result = (BOOLEAN)DeviceIoControl(AdapterObject->hFile,
+			BIOCGTIMESTAMPMODES,
+			NULL,
+			0,
+			pModes,
+			pModes[0] * sizeof(ULONG),
+			&BytesReturned,
+			NULL);
+	TRACE_EXIT();
+	return result;
+}
+
 /*!
   \brief Sets the snap len on the adapters that allow it.
   \param AdapterObject Pointer to an _ADAPTER structure.

packetWin7/npf/npf/Packet.c

@@ -2022,6 +2022,37 @@ NPF_IoControl(
 		SET_RESULT_SUCCESS(0);
 		break;
 
+	case BIOCGTIMESTAMPMODES:
+		// Need to at least deliver the number of modes
+		FAIL_IF_OUTPUT_SMALL(sizeof(ULONG));
+
+		dim = IrpSp->Parameters.DeviceIoControl.OutputBufferLength / sizeof(ULONG);
+		cnt = 0;
+		pUL = (PULONG)Irp->AssociatedIrp.SystemBuffer;
+		Status = STATUS_SUCCESS;
+
+#define NEXT_MODE(_M) if (dim > ++cnt) { \
+			pUL[cnt] = _M; \
+		} else { \
+			Status = STATUS_BUFFER_OVERFLOW; \
+		}
+		NEXT_MODE(TIMESTAMPMODE_SINGLE_SYNCHRONIZATION);
+		NEXT_MODE(TIMESTAMPMODE_QUERYSYSTEMTIME);
+		// Only report the _PRECISE version if it's different than QST
+		if (g_ptrQuerySystemTime ==
+#ifdef KeQuerySystemTime
+				&KeQuerySystemTimeWrapper
+#else
+				&KeQuerySystemTime
+#endif
+		   )
+		{
+			NEXT_MODE(TIMESTAMPMODE_QUERYSYSTEMTIME_PRECISE);
+		}
+		Information = sizeof(ULONG) * (cnt+1);
+		Status = (cnt < dim) ? STATUS_SUCCESS : STATUS_BUFFER_OVERFLOW;
+		break;
+
 	case BIOCGETPIDS:
 		// Need to at least deliver the number of PIDS
 		FAIL_IF_OUTPUT_SMALL(sizeof(ULONG));

packetWin7/npf/npf/ioctls.h

@@ -262,6 +262,8 @@
   This IOCTL sets the timestamp mode (DWORD) to one of the supported modes from time_calls.h
 */ 
 #define BIOCSTIMESTAMPMODE CTL_CODE(FILE_DEVICE_TRANSPORT, 0xa12, METHOD_BUFFERED, FILE_READ_DATA)
+// Get a list of supported timestamp modes. Output is an array of ULONG. First element is the number of modes supported.
+#define BIOCGTIMESTAMPMODES CTL_CODE(FILE_DEVICE_TRANSPORT, 0xa13, METHOD_BUFFERED, FILE_READ_DATA)
 /** 
  *  @}
  */