archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/net/ipsec/spd/server/spdrpc.c

2757 lines
66 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1999 Microsoft Corporation
  6. Module Name:
  8. spdrpc.c
  10. Abstract:
  12. This module contains all of the code to service the
  13. RPC calls made to the SPD server.
  15. Author:
  17. abhisheV 30-September-1999
  19. Environment
  21. User Level: Win32
  23. Revision History:
  26. --*/
  29. #include "precomp.h"
  32. VOID
  33. TRANSPORTFILTER_HANDLE_rundown(
  34. TRANSPORTFILTER_HANDLE hFilter
  35. )
  36. {
  37. if (!gbSPDRPCServerUp) {
  38. return;
  39. }
  41. if (hFilter) {
  42. (VOID) DeleteTransportFilter(
  43. hFilter
  44. );
  45. }
  47. return;
  48. }
  51. DWORD
  52. RpcAddTransportFilter(
  53. STRING_HANDLE pServerName,
  54. DWORD dwVersion,
  55. DWORD dwFlags,
  56. PTRANSPORT_FILTER_CONTAINER pFilterContainer,
  57. TRANSPORTFILTER_HANDLE * phFilter
  58. )
  59. {
  60. DWORD dwError = 0;
  61. PTRANSPORT_FILTER pTransportFilter = NULL;
  62. BOOL bImpersonating = FALSE;
  65. dwError = SPDImpersonateClient(
  66. &bImpersonating
  67. );
  68. BAIL_ON_WIN32_ERROR(dwError);
  70. if (dwVersion) {
  71. dwError = ERROR_NOT_SUPPORTED;
  72. BAIL_ON_WIN32_ERROR(dwError);
  73. }
  75. if (!pFilterContainer || !phFilter) {
  76. dwError = ERROR_INVALID_PARAMETER;
  77. BAIL_ON_WIN32_ERROR(dwError);
  78. }
  80. if (!(pFilterContainer->pTransportFilters) ||
  81. !(pFilterContainer->dwNumFilters)) {
  82. dwError = ERROR_INVALID_PARAMETER;
  83. BAIL_ON_WIN32_ERROR(dwError);
  84. }
  86. pTransportFilter = pFilterContainer->pTransportFilters;
  88. if (pTransportFilter && (pTransportFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  89. dwError = ERROR_INVALID_LEVEL;
  90. BAIL_ON_WIN32_ERROR(dwError);
  91. }
  93. dwError = AddTransportFilter(
  94. pServerName,
  95. dwVersion,
  96. dwFlags,
  97. pTransportFilter,
  98. NULL,
  99. phFilter
  100. );
  101. BAIL_ON_WIN32_ERROR(dwError);
  103. error:
  105. SPDRevertToSelf(bImpersonating);
  106. return (dwError);
  107. }
  110. DWORD
  111. RpcDeleteTransportFilter(
  112. TRANSPORTFILTER_HANDLE * phFilter
  113. )
  114. {
  115. DWORD dwError = 0;
  116. BOOL bImpersonating = FALSE;
  119. dwError = SPDImpersonateClient(
  120. &bImpersonating
  121. );
  122. BAIL_ON_WIN32_ERROR(dwError);
  124. if (!phFilter) {
  125. SPDRevertToSelf(bImpersonating);
  126. return (ERROR_INVALID_PARAMETER);
  127. }
  129. dwError = DeleteTransportFilter(
  130. *phFilter
  131. );
  132. BAIL_ON_WIN32_ERROR(dwError);
  134. *phFilter = NULL;
  136. error:
  138. SPDRevertToSelf(bImpersonating);
  139. return (dwError);
  140. }
  143. DWORD
  144. RpcEnumTransportFilters(
  145. STRING_HANDLE pServerName,
  146. DWORD dwVersion,
  147. PTRANSPORT_FILTER_CONTAINER pTemplateFilterContainer,
  148. DWORD dwLevel,
  149. GUID gGenericFilterID,
  150. DWORD dwPreferredNumEntries,
  151. PTRANSPORT_FILTER_CONTAINER * ppFilterContainer,
  152. LPDWORD pdwResumeHandle
  153. )
  154. {
  155. DWORD dwError = 0;
  156. PTRANSPORT_FILTER pTransportFilters = NULL;
  157. DWORD dwNumFilters = 0;
  158. BOOL bImpersonating = FALSE;
  159. PTRANSPORT_FILTER pTransportTemplateFilter = NULL;
  162. dwError = SPDImpersonateClient(
  163. &bImpersonating
  164. );
  165. if (dwError) {
  166. return (dwError);
  167. }
  169. if (dwVersion) {
  170. SPDRevertToSelf(bImpersonating);
  171. return (ERROR_NOT_SUPPORTED);
  172. }
  174. if (!pTemplateFilterContainer || !ppFilterContainer || !pdwResumeHandle ||
  175. !*ppFilterContainer) {
  176. SPDRevertToSelf(bImpersonating);
  177. return (ERROR_INVALID_PARAMETER);
  178. }
  180. switch (dwLevel) {
  182. case ENUM_GENERIC_FILTERS:
  183. case ENUM_SELECT_SPECIFIC_FILTERS:
  184. case ENUM_SPECIFIC_FILTERS:
  185. break;
  187. default:
  188. dwError = ERROR_INVALID_LEVEL;
  189. BAIL_ON_WIN32_ERROR(dwError);
  190. break;
  192. }
  194. if ((pTemplateFilterContainer->dwNumFilters) ||
  195. (pTemplateFilterContainer->pTransportFilters)) {
  196. dwError = ERROR_NOT_SUPPORTED;
  197. BAIL_ON_WIN32_ERROR(dwError);
  198. }
  200. dwError = EnumTransportFilters(
  201. pServerName,
  202. dwVersion,
  203. pTransportTemplateFilter,
  204. dwLevel,
  205. gGenericFilterID,
  206. dwPreferredNumEntries,
  207. &pTransportFilters,
  208. &dwNumFilters,
  209. pdwResumeHandle,
  210. NULL
  211. );
  212. BAIL_ON_WIN32_ERROR(dwError);
  214. (*ppFilterContainer)->pTransportFilters = pTransportFilters;
  215. (*ppFilterContainer)->dwNumFilters = dwNumFilters;
  216. SPDRevertToSelf(bImpersonating);
  217. return (dwError);
  219. error:
  221. (*ppFilterContainer)->pTransportFilters = NULL;
  222. (*ppFilterContainer)->dwNumFilters = 0;
  223. SPDRevertToSelf(bImpersonating);
  224. return (dwError);
  225. }
  228. DWORD
  229. RpcSetTransportFilter(
  230. TRANSPORTFILTER_HANDLE hFilter,
  231. DWORD dwVersion,
  232. PTRANSPORT_FILTER_CONTAINER pFilterContainer
  233. )
  234. {
  235. DWORD dwError = 0;
  236. PTRANSPORT_FILTER pTransportFilter = NULL;
  237. BOOL bImpersonating = FALSE;
  240. dwError = SPDImpersonateClient(
  241. &bImpersonating
  242. );
  243. BAIL_ON_WIN32_ERROR(dwError);
  245. if (dwVersion) {
  246. dwError = ERROR_NOT_SUPPORTED;
  247. BAIL_ON_WIN32_ERROR(dwError);
  248. }
  250. if (!hFilter || !pFilterContainer) {
  251. dwError = ERROR_INVALID_PARAMETER;
  252. BAIL_ON_WIN32_ERROR(dwError);
  253. }
  255. if (!(pFilterContainer->pTransportFilters) ||
  256. !(pFilterContainer->dwNumFilters)) {
  257. dwError = ERROR_INVALID_PARAMETER;
  258. BAIL_ON_WIN32_ERROR(dwError);
  259. }
  261. pTransportFilter = pFilterContainer->pTransportFilters;
  263. if (pTransportFilter && (pTransportFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  264. dwError = ERROR_INVALID_LEVEL;
  265. BAIL_ON_WIN32_ERROR(dwError);
  266. }
  268. dwError = SetTransportFilter(
  269. hFilter,
  270. dwVersion,
  271. pTransportFilter,
  272. NULL
  273. );
  274. BAIL_ON_WIN32_ERROR(dwError);
  276. error:
  278. SPDRevertToSelf(bImpersonating);
  279. return (dwError);
  280. }
  283. DWORD
  284. RpcGetTransportFilter(
  285. TRANSPORTFILTER_HANDLE hFilter,
  286. DWORD dwVersion,
  287. PTRANSPORT_FILTER_CONTAINER * ppFilterContainer
  288. )
  289. {
  290. DWORD dwError = 0;
  291. PTRANSPORT_FILTER pTransportFilter = NULL;
  292. BOOL bImpersonating = FALSE;
  295. dwError = SPDImpersonateClient(
  296. &bImpersonating
  297. );
  298. if (dwError) {
  299. return (dwError);
  300. }
  302. if (dwVersion) {
  303. SPDRevertToSelf(bImpersonating);
  304. return (ERROR_NOT_SUPPORTED);
  305. }
  307. if (!hFilter || !ppFilterContainer || !*ppFilterContainer) {
  308. SPDRevertToSelf(bImpersonating);
  309. return (ERROR_INVALID_PARAMETER);
  310. }
  312. dwError = GetTransportFilter(
  313. hFilter,
  314. dwVersion,
  315. &pTransportFilter,
  316. NULL
  317. );
  318. BAIL_ON_WIN32_ERROR(dwError);
  320. (*ppFilterContainer)->pTransportFilters = pTransportFilter;
  321. (*ppFilterContainer)->dwNumFilters = 1;
  322. SPDRevertToSelf(bImpersonating);
  323. return (dwError);
  325. error:
  327. (*ppFilterContainer)->pTransportFilters = NULL;
  328. (*ppFilterContainer)->dwNumFilters = 0;
  329. SPDRevertToSelf(bImpersonating);
  330. return (dwError);
  331. }
  334. DWORD
  335. RpcAddQMPolicy(
  336. STRING_HANDLE pServerName,
  337. DWORD dwVersion,
  338. DWORD dwFlags,
  339. PIPSEC_QM_POLICY_CONTAINER pQMPolicyContainer
  340. )
  341. {
  342. DWORD dwError = 0;
  343. PIPSEC_QM_POLICY pQMPolicy = NULL;
  344. BOOL bImpersonating = FALSE;
  347. dwError = SPDImpersonateClient(
  348. &bImpersonating
  349. );
  350. BAIL_ON_WIN32_ERROR(dwError);
  352. if (dwVersion) {
  353. dwError = ERROR_NOT_SUPPORTED;
  354. BAIL_ON_WIN32_ERROR(dwError);
  355. }
  357. if (!pQMPolicyContainer) {
  358. dwError = ERROR_INVALID_PARAMETER;
  359. BAIL_ON_WIN32_ERROR(dwError);
  360. }
  362. if (!(pQMPolicyContainer->pPolicies) ||
  363. !(pQMPolicyContainer->dwNumPolicies)) {
  364. dwError = ERROR_INVALID_PARAMETER;
  365. BAIL_ON_WIN32_ERROR(dwError);
  366. }
  368. pQMPolicy = pQMPolicyContainer->pPolicies;
  370. dwError = AddQMPolicy(
  371. pServerName,
  372. dwVersion,
  373. dwFlags,
  374. pQMPolicy,
  375. NULL
  376. );
  377. BAIL_ON_WIN32_ERROR(dwError);
  379. error:
  381. SPDRevertToSelf(bImpersonating);
  382. return (dwError);
  383. }
  386. DWORD
  387. RpcDeleteQMPolicy(
  388. STRING_HANDLE pServerName,
  389. DWORD dwVersion,
  390. LPWSTR pszPolicyName
  391. )
  392. {
  393. DWORD dwError = 0;
  394. BOOL bImpersonating = FALSE;
  397. dwError = SPDImpersonateClient(
  398. &bImpersonating
  399. );
  400. BAIL_ON_WIN32_ERROR(dwError);
  402. if (dwVersion) {
  403. dwError = ERROR_NOT_SUPPORTED;
  404. BAIL_ON_WIN32_ERROR(dwError);
  405. }
  407. if (!pszPolicyName || !*pszPolicyName) {
  408. dwError = ERROR_INVALID_PARAMETER;
  409. BAIL_ON_WIN32_ERROR(dwError);
  410. }
  412. dwError = DeleteQMPolicy(
  413. pServerName,
  414. dwVersion,
  415. pszPolicyName,
  416. NULL
  417. );
  418. BAIL_ON_WIN32_ERROR(dwError);
  420. error:
  422. SPDRevertToSelf(bImpersonating);
  423. return (dwError);
  424. }
  427. DWORD
  428. RpcEnumQMPolicies(
  429. STRING_HANDLE pServerName,
  430. DWORD dwVersion,
  431. PIPSEC_QM_POLICY_CONTAINER pQMTempPolicyContainer,
  432. DWORD dwFlags,
  433. DWORD dwPreferredNumEntries,
  434. PIPSEC_QM_POLICY_CONTAINER * ppQMPolicyContainer,
  435. LPDWORD pdwResumeHandle
  436. )
  437. {
  438. DWORD dwError = 0;
  439. PIPSEC_QM_POLICY pQMPolicies = NULL;
  440. DWORD dwNumPolicies = 0;
  441. BOOL bImpersonating = FALSE;
  442. PIPSEC_QM_POLICY pQMTemplatePolicy = NULL;
  445. dwError = SPDImpersonateClient(
  446. &bImpersonating
  447. );
  448. if (dwError) {
  449. return (dwError);
  450. }
  452. if (dwVersion) {
  453. SPDRevertToSelf(bImpersonating);
  454. return (ERROR_NOT_SUPPORTED);
  455. }
  457. if (!pQMTempPolicyContainer || !ppQMPolicyContainer || !pdwResumeHandle ||
  458. !*ppQMPolicyContainer) {
  459. //
  460. // Do not bail to error from here.
  461. //
  462. SPDRevertToSelf(bImpersonating);
  463. return (ERROR_INVALID_PARAMETER);
  464. }
  466. if ((pQMTempPolicyContainer->dwNumPolicies) ||
  467. (pQMTempPolicyContainer->pPolicies)) {
  468. dwError = ERROR_NOT_SUPPORTED;
  469. BAIL_ON_WIN32_ERROR(dwError);
  470. }
  472. dwError = EnumQMPolicies(
  473. pServerName,
  474. dwVersion,
  475. pQMTemplatePolicy,
  476. dwFlags,
  477. dwPreferredNumEntries,
  478. &pQMPolicies,
  479. &dwNumPolicies,
  480. pdwResumeHandle,
  481. NULL
  482. );
  483. BAIL_ON_WIN32_ERROR(dwError);
  485. (*ppQMPolicyContainer)->pPolicies = pQMPolicies;
  486. (*ppQMPolicyContainer)->dwNumPolicies = dwNumPolicies;
  487. SPDRevertToSelf(bImpersonating);
  488. return (dwError);
  490. error:
  492. (*ppQMPolicyContainer)->pPolicies = NULL;
  493. (*ppQMPolicyContainer)->dwNumPolicies = 0;
  494. SPDRevertToSelf(bImpersonating);
  495. return (dwError);
  496. }
  499. DWORD
  500. RpcSetQMPolicy(
  501. STRING_HANDLE pServerName,
  502. DWORD dwVersion,
  503. LPWSTR pszPolicyName,
  504. PIPSEC_QM_POLICY_CONTAINER pQMPolicyContainer
  505. )
  506. {
  507. DWORD dwError = 0;
  508. PIPSEC_QM_POLICY pQMPolicy = NULL;
  509. BOOL bImpersonating = FALSE;
  512. dwError = SPDImpersonateClient(
  513. &bImpersonating
  514. );
  515. BAIL_ON_WIN32_ERROR(dwError);
  517. if (dwVersion) {
  518. dwError = ERROR_NOT_SUPPORTED;
  519. BAIL_ON_WIN32_ERROR(dwError);
  520. }
  522. if (!pszPolicyName || !*pszPolicyName ||
  523. !pQMPolicyContainer) {
  524. dwError = ERROR_INVALID_PARAMETER;
  525. BAIL_ON_WIN32_ERROR(dwError);
  526. }
  528. if (!(pQMPolicyContainer->pPolicies) ||
  529. !(pQMPolicyContainer->dwNumPolicies)) {
  530. dwError = ERROR_INVALID_PARAMETER;
  531. BAIL_ON_WIN32_ERROR(dwError);
  532. }
  534. pQMPolicy = pQMPolicyContainer->pPolicies;
  536. dwError = SetQMPolicy(
  537. pServerName,
  538. dwVersion,
  539. pszPolicyName,
  540. pQMPolicy,
  541. NULL
  542. );
  543. BAIL_ON_WIN32_ERROR(dwError);
  545. error:
  547. SPDRevertToSelf(bImpersonating);
  548. return (dwError);
  549. }
  552. DWORD
  553. RpcGetQMPolicy(
  554. STRING_HANDLE pServerName,
  555. DWORD dwVersion,
  556. LPWSTR pszPolicyName,
  557. DWORD dwFlags,
  558. PIPSEC_QM_POLICY_CONTAINER * ppQMPolicyContainer
  559. )
  560. {
  561. DWORD dwError = 0;
  562. PIPSEC_QM_POLICY pQMPolicy = NULL;
  563. BOOL bImpersonating = FALSE;
  566. dwError = SPDImpersonateClient(
  567. &bImpersonating
  568. );
  569. if (dwError) {
  570. return (dwError);
  571. }
  573. if (dwVersion) {
  574. SPDRevertToSelf(bImpersonating);
  575. return (ERROR_NOT_SUPPORTED);
  576. }
  578. if (!pszPolicyName || !*pszPolicyName || !ppQMPolicyContainer ||
  579. !*ppQMPolicyContainer) {
  580. //
  581. // Do not bail to error from here.
  582. //
  583. SPDRevertToSelf(bImpersonating);
  584. return (ERROR_INVALID_PARAMETER);
  585. }
  587. dwError = GetQMPolicy(
  588. pServerName,
  589. dwVersion,
  590. pszPolicyName,
  591. dwFlags,
  592. &pQMPolicy,
  593. NULL
  594. );
  595. BAIL_ON_WIN32_ERROR(dwError);
  597. (*ppQMPolicyContainer)->pPolicies = pQMPolicy;
  598. (*ppQMPolicyContainer)->dwNumPolicies = 1;
  599. SPDRevertToSelf(bImpersonating);
  600. return (dwError);
  602. error:
  604. (*ppQMPolicyContainer)->pPolicies = NULL;
  605. (*ppQMPolicyContainer)->dwNumPolicies = 0;
  606. SPDRevertToSelf(bImpersonating);
  607. return (dwError);
  608. }
  611. DWORD
  612. RpcAddMMPolicy(
  613. STRING_HANDLE pServerName,
  614. DWORD dwVersion,
  615. DWORD dwFlags,
  616. PIPSEC_MM_POLICY_CONTAINER pMMPolicyContainer
  617. )
  618. {
  619. DWORD dwError = 0;
  620. PIPSEC_MM_POLICY pMMPolicy = NULL;
  621. BOOL bImpersonating = FALSE;
  624. dwError = SPDImpersonateClient(
  625. &bImpersonating
  626. );
  627. BAIL_ON_WIN32_ERROR(dwError);
  629. if (dwVersion) {
  630. dwError = ERROR_NOT_SUPPORTED;
  631. BAIL_ON_WIN32_ERROR(dwError);
  632. }
  634. if (!pMMPolicyContainer) {
  635. dwError = ERROR_INVALID_PARAMETER;
  636. BAIL_ON_WIN32_ERROR(dwError);
  637. }
  639. if (!(pMMPolicyContainer->pPolicies) ||
  640. !(pMMPolicyContainer->dwNumPolicies)) {
  641. dwError = ERROR_INVALID_PARAMETER;
  642. BAIL_ON_WIN32_ERROR(dwError);
  643. }
  645. pMMPolicy = pMMPolicyContainer->pPolicies;
  647. dwError = AddMMPolicy(
  648. pServerName,
  649. dwVersion,
  650. dwFlags,
  651. pMMPolicy,
  652. NULL
  653. );
  654. BAIL_ON_WIN32_ERROR(dwError);
  656. error:
  658. SPDRevertToSelf(bImpersonating);
  659. return (dwError);
  660. }
  663. DWORD
  664. RpcDeleteMMPolicy(
  665. STRING_HANDLE pServerName,
  666. DWORD dwVersion,
  667. LPWSTR pszPolicyName
  668. )
  669. {
  670. DWORD dwError = 0;
  671. BOOL bImpersonating = FALSE;
  674. dwError = SPDImpersonateClient(
  675. &bImpersonating
  676. );
  677. BAIL_ON_WIN32_ERROR(dwError);
  679. if (dwVersion) {
  680. dwError = ERROR_NOT_SUPPORTED;
  681. BAIL_ON_WIN32_ERROR(dwError);
  682. }
  684. if (!pszPolicyName || !*pszPolicyName) {
  685. dwError = ERROR_INVALID_PARAMETER;
  686. BAIL_ON_WIN32_ERROR(dwError);
  687. }
  689. dwError = DeleteMMPolicy(
  690. pServerName,
  691. dwVersion,
  692. pszPolicyName,
  693. NULL
  694. );
  695. BAIL_ON_WIN32_ERROR(dwError);
  697. error:
  699. SPDRevertToSelf(bImpersonating);
  700. return (dwError);
  701. }
  704. DWORD
  705. RpcEnumMMPolicies(
  706. STRING_HANDLE pServerName,
  707. DWORD dwVersion,
  708. PIPSEC_MM_POLICY_CONTAINER pMMTempPolicyContainer,
  709. DWORD dwFlags,
  710. DWORD dwPreferredNumEntries,
  711. PIPSEC_MM_POLICY_CONTAINER * ppMMPolicyContainer,
  712. LPDWORD pdwResumeHandle
  713. )
  714. {
  715. DWORD dwError = 0;
  716. PIPSEC_MM_POLICY pMMPolicies = NULL;
  717. DWORD dwNumPolicies = 0;
  718. BOOL bImpersonating = FALSE;
  719. PIPSEC_MM_POLICY pMMTemplatePolicy = NULL;
  722. dwError = SPDImpersonateClient(
  723. &bImpersonating
  724. );
  725. if (dwError) {
  726. return (dwError);
  727. }
  729. if (dwVersion) {
  730. SPDRevertToSelf(bImpersonating);
  731. return (ERROR_NOT_SUPPORTED);
  732. }
  734. if (!pMMTempPolicyContainer || !ppMMPolicyContainer || !pdwResumeHandle ||
  735. !*ppMMPolicyContainer) {
  736. //
  737. // Do not bail to error from here.
  738. //
  739. SPDRevertToSelf(bImpersonating);
  740. return (ERROR_INVALID_PARAMETER);
  741. }
  743. if ((pMMTempPolicyContainer->dwNumPolicies) ||
  744. (pMMTempPolicyContainer->pPolicies)) {
  745. dwError = ERROR_NOT_SUPPORTED;
  746. BAIL_ON_WIN32_ERROR(dwError);
  747. }
  749. dwError = EnumMMPolicies(
  750. pServerName,
  751. dwVersion,
  752. pMMTemplatePolicy,
  753. dwFlags,
  754. dwPreferredNumEntries,
  755. &pMMPolicies,
  756. &dwNumPolicies,
  757. pdwResumeHandle,
  758. NULL
  759. );
  760. BAIL_ON_WIN32_ERROR(dwError);
  762. (*ppMMPolicyContainer)->pPolicies = pMMPolicies;
  763. (*ppMMPolicyContainer)->dwNumPolicies = dwNumPolicies;
  764. SPDRevertToSelf(bImpersonating);
  765. return (dwError);
  767. error:
  769. (*ppMMPolicyContainer)->pPolicies = NULL;
  770. (*ppMMPolicyContainer)->dwNumPolicies = 0;
  771. SPDRevertToSelf(bImpersonating);
  772. return (dwError);
  773. }
  776. DWORD
  777. RpcSetMMPolicy(
  778. STRING_HANDLE pServerName,
  779. DWORD dwVersion,
  780. LPWSTR pszPolicyName,
  781. PIPSEC_MM_POLICY_CONTAINER pMMPolicyContainer
  782. )
  783. {
  784. DWORD dwError = 0;
  785. PIPSEC_MM_POLICY pMMPolicy = NULL;
  786. BOOL bImpersonating = FALSE;
  789. dwError = SPDImpersonateClient(
  790. &bImpersonating
  791. );
  792. BAIL_ON_WIN32_ERROR(dwError);
  794. if (dwVersion) {
  795. dwError = ERROR_NOT_SUPPORTED;
  796. BAIL_ON_WIN32_ERROR(dwError);
  797. }
  799. if (!pszPolicyName || !*pszPolicyName ||
  800. !pMMPolicyContainer) {
  801. dwError = ERROR_INVALID_PARAMETER;
  802. BAIL_ON_WIN32_ERROR(dwError);
  803. }
  805. if (!(pMMPolicyContainer->pPolicies) ||
  806. !(pMMPolicyContainer->dwNumPolicies)) {
  807. dwError = ERROR_INVALID_PARAMETER;
  808. BAIL_ON_WIN32_ERROR(dwError);
  809. }
  811. pMMPolicy = pMMPolicyContainer->pPolicies;
  813. dwError = SetMMPolicy(
  814. pServerName,
  815. dwVersion,
  816. pszPolicyName,
  817. pMMPolicy,
  818. NULL
  819. );
  820. BAIL_ON_WIN32_ERROR(dwError);
  822. error:
  824. SPDRevertToSelf(bImpersonating);
  825. return (dwError);
  826. }
  829. DWORD
  830. RpcGetMMPolicy(
  831. STRING_HANDLE pServerName,
  832. DWORD dwVersion,
  833. LPWSTR pszPolicyName,
  834. PIPSEC_MM_POLICY_CONTAINER * ppMMPolicyContainer
  835. )
  836. {
  837. DWORD dwError = 0;
  838. PIPSEC_MM_POLICY pMMPolicy = NULL;
  839. BOOL bImpersonating = FALSE;
  842. dwError = SPDImpersonateClient(
  843. &bImpersonating
  844. );
  845. if (dwError) {
  846. return (dwError);
  847. }
  849. if (dwVersion) {
  850. SPDRevertToSelf(bImpersonating);
  851. return (ERROR_NOT_SUPPORTED);
  852. }
  854. if (!pszPolicyName || !*pszPolicyName || !ppMMPolicyContainer ||
  855. !*ppMMPolicyContainer) {
  856. //
  857. // Do not bail to error from here.
  858. //
  859. SPDRevertToSelf(bImpersonating);
  860. return (ERROR_INVALID_PARAMETER);
  861. }
  863. dwError = GetMMPolicy(
  864. pServerName,
  865. dwVersion,
  866. pszPolicyName,
  867. &pMMPolicy,
  868. NULL
  869. );
  870. BAIL_ON_WIN32_ERROR(dwError);
  872. (*ppMMPolicyContainer)->pPolicies = pMMPolicy;
  873. (*ppMMPolicyContainer)->dwNumPolicies = 1;
  874. SPDRevertToSelf(bImpersonating);
  875. return (dwError);
  877. error:
  879. (*ppMMPolicyContainer)->pPolicies = NULL;
  880. (*ppMMPolicyContainer)->dwNumPolicies = 0;
  881. SPDRevertToSelf(bImpersonating);
  882. return (dwError);
  883. }
  886. VOID
  887. MMFILTER_HANDLE_rundown(
  888. MMFILTER_HANDLE hMMFilter
  889. )
  890. {
  891. if (!gbSPDRPCServerUp) {
  892. return;
  893. }
  895. if (hMMFilter) {
  896. (VOID) DeleteMMFilter(
  897. hMMFilter
  898. );
  899. }
  901. return;
  902. }
  905. DWORD
  906. RpcAddMMFilter(
  907. STRING_HANDLE pServerName,
  908. DWORD dwVersion,
  909. DWORD dwFlags,
  910. PMM_FILTER_CONTAINER pMMFilterContainer,
  911. MMFILTER_HANDLE * phMMFilter
  912. )
  913. {
  914. DWORD dwError = 0;
  915. PMM_FILTER pMMFilter = NULL;
  916. BOOL bImpersonating = FALSE;
  919. dwError = SPDImpersonateClient(
  920. &bImpersonating
  921. );
  922. BAIL_ON_WIN32_ERROR(dwError);
  924. if (dwVersion) {
  925. dwError = ERROR_NOT_SUPPORTED;
  926. BAIL_ON_WIN32_ERROR(dwError);
  927. }
  929. if (!pMMFilterContainer || !phMMFilter) {
  930. dwError = ERROR_INVALID_PARAMETER;
  931. BAIL_ON_WIN32_ERROR(dwError);
  932. }
  934. if (!(pMMFilterContainer->pMMFilters) ||
  935. !(pMMFilterContainer->dwNumFilters)) {
  936. dwError = ERROR_INVALID_PARAMETER;
  937. BAIL_ON_WIN32_ERROR(dwError);
  938. }
  940. pMMFilter = pMMFilterContainer->pMMFilters;
  942. if (pMMFilter && (pMMFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  943. dwError = ERROR_INVALID_LEVEL;
  944. BAIL_ON_WIN32_ERROR(dwError);
  945. }
  947. dwError = AddMMFilter(
  948. pServerName,
  949. dwVersion,
  950. dwFlags,
  951. pMMFilter,
  952. NULL,
  953. phMMFilter
  954. );
  955. BAIL_ON_WIN32_ERROR(dwError);
  957. error:
  959. SPDRevertToSelf(bImpersonating);
  960. return (dwError);
  961. }
  964. DWORD
  965. RpcDeleteMMFilter(
  966. MMFILTER_HANDLE * phMMFilter
  967. )
  968. {
  969. DWORD dwError = 0;
  970. BOOL bImpersonating = FALSE;
  973. dwError = SPDImpersonateClient(
  974. &bImpersonating
  975. );
  976. BAIL_ON_WIN32_ERROR(dwError);
  978. if (!phMMFilter) {
  979. SPDRevertToSelf(bImpersonating);
  980. return (ERROR_INVALID_PARAMETER);
  981. }
  983. dwError = DeleteMMFilter(
  984. *phMMFilter
  985. );
  986. BAIL_ON_WIN32_ERROR(dwError);
  988. *phMMFilter = NULL;
  990. error:
  992. SPDRevertToSelf(bImpersonating);
  993. return (dwError);
  994. }
  997. DWORD
  998. RpcEnumMMFilters(
  999. STRING_HANDLE pServerName,
  1000. DWORD dwVersion,
  1001. PMM_FILTER_CONTAINER pTemplateFilterContainer,
  1002. DWORD dwLevel,
  1003. GUID gGenericFilterID,
  1004. DWORD dwPreferredNumEntries,
  1005. PMM_FILTER_CONTAINER * ppMMFilterContainer,
  1006. LPDWORD pdwResumeHandle
  1007. )
  1008. {
  1009. DWORD dwError = 0;
  1010. PMM_FILTER pMMFilters = NULL;
  1011. DWORD dwNumFilters = 0;
  1012. BOOL bImpersonating = FALSE;
  1013. PMM_FILTER pMMTemplateFilter = NULL;
  1016. dwError = SPDImpersonateClient(
  1017. &bImpersonating
  1018. );
  1019. if (dwError) {
  1020. return (dwError);
  1021. }
  1023. if (dwVersion) {
  1024. SPDRevertToSelf(bImpersonating);
  1025. return (ERROR_NOT_SUPPORTED);
  1026. }
  1028. if (!pTemplateFilterContainer || !ppMMFilterContainer || !pdwResumeHandle ||
  1029. !*ppMMFilterContainer) {
  1030. SPDRevertToSelf(bImpersonating);
  1031. return (ERROR_INVALID_PARAMETER);
  1032. }
  1034. switch (dwLevel) {
  1036. case ENUM_GENERIC_FILTERS:
  1037. case ENUM_SELECT_SPECIFIC_FILTERS:
  1038. case ENUM_SPECIFIC_FILTERS:
  1039. break;
  1041. default:
  1042. dwError = ERROR_INVALID_LEVEL;
  1043. BAIL_ON_WIN32_ERROR(dwError);
  1044. break;
  1046. }
  1048. if ((pTemplateFilterContainer->dwNumFilters) ||
  1049. (pTemplateFilterContainer->pMMFilters)) {
  1050. dwError = ERROR_NOT_SUPPORTED;
  1051. BAIL_ON_WIN32_ERROR(dwError);
  1052. }
  1054. dwError = EnumMMFilters(
  1055. pServerName,
  1056. dwVersion,
  1057. pMMTemplateFilter,
  1058. dwLevel,
  1059. gGenericFilterID,
  1060. dwPreferredNumEntries,
  1061. &pMMFilters,
  1062. &dwNumFilters,
  1063. pdwResumeHandle,
  1064. NULL
  1065. );
  1066. BAIL_ON_WIN32_ERROR(dwError);
  1068. (*ppMMFilterContainer)->pMMFilters = pMMFilters;
  1069. (*ppMMFilterContainer)->dwNumFilters = dwNumFilters;
  1070. SPDRevertToSelf(bImpersonating);
  1071. return (dwError);
  1073. error:
  1075. (*ppMMFilterContainer)->pMMFilters = NULL;
  1076. (*ppMMFilterContainer)->dwNumFilters = 0;
  1077. SPDRevertToSelf(bImpersonating);
  1078. return (dwError);
  1079. }
  1082. DWORD
  1083. RpcSetMMFilter(
  1084. MMFILTER_HANDLE hMMFilter,
  1085. DWORD dwVersion,
  1086. PMM_FILTER_CONTAINER pMMFilterContainer
  1087. )
  1088. {
  1089. DWORD dwError = 0;
  1090. PMM_FILTER pMMFilter = NULL;
  1091. BOOL bImpersonating = FALSE;
  1094. dwError = SPDImpersonateClient(
  1095. &bImpersonating
  1096. );
  1097. BAIL_ON_WIN32_ERROR(dwError);
  1099. if (dwVersion) {
  1100. dwError = ERROR_NOT_SUPPORTED;
  1101. BAIL_ON_WIN32_ERROR(dwError);
  1102. }
  1104. if (!hMMFilter || !pMMFilterContainer) {
  1105. dwError = ERROR_INVALID_PARAMETER;
  1106. BAIL_ON_WIN32_ERROR(dwError);
  1107. }
  1109. if (!(pMMFilterContainer->pMMFilters) ||
  1110. !(pMMFilterContainer->dwNumFilters)) {
  1111. dwError = ERROR_INVALID_PARAMETER;
  1112. BAIL_ON_WIN32_ERROR(dwError);
  1113. }
  1115. pMMFilter = pMMFilterContainer->pMMFilters;
  1117. if (pMMFilter && (pMMFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  1118. dwError = ERROR_INVALID_LEVEL;
  1119. BAIL_ON_WIN32_ERROR(dwError);
  1120. }
  1122. dwError = SetMMFilter(
  1123. hMMFilter,
  1124. dwVersion,
  1125. pMMFilter,
  1126. NULL
  1127. );
  1128. BAIL_ON_WIN32_ERROR(dwError);
  1130. error:
  1132. SPDRevertToSelf(bImpersonating);
  1133. return (dwError);
  1134. }
  1137. DWORD
  1138. RpcGetMMFilter(
  1139. MMFILTER_HANDLE hMMFilter,
  1140. DWORD dwVersion,
  1141. PMM_FILTER_CONTAINER * ppMMFilterContainer
  1142. )
  1143. {
  1144. DWORD dwError = 0;
  1145. PMM_FILTER pMMFilter = NULL;
  1146. BOOL bImpersonating = FALSE;
  1149. dwError = SPDImpersonateClient(
  1150. &bImpersonating
  1151. );
  1152. if (dwError) {
  1153. return (dwError);
  1154. }
  1156. if (dwVersion) {
  1157. SPDRevertToSelf(bImpersonating);
  1158. return (ERROR_NOT_SUPPORTED);
  1159. }
  1161. if (!hMMFilter || !ppMMFilterContainer || !*ppMMFilterContainer) {
  1162. SPDRevertToSelf(bImpersonating);
  1163. return (ERROR_INVALID_PARAMETER);
  1164. }
  1166. dwError = GetMMFilter(
  1167. hMMFilter,
  1168. dwVersion,
  1169. &pMMFilter,
  1170. NULL
  1171. );
  1172. BAIL_ON_WIN32_ERROR(dwError);
  1174. (*ppMMFilterContainer)->pMMFilters = pMMFilter;
  1175. (*ppMMFilterContainer)->dwNumFilters = 1;
  1176. SPDRevertToSelf(bImpersonating);
  1177. return (dwError);
  1179. error:
  1181. (*ppMMFilterContainer)->pMMFilters = NULL;
  1182. (*ppMMFilterContainer)->dwNumFilters = 0;
  1183. SPDRevertToSelf(bImpersonating);
  1184. return (dwError);
  1185. }
  1188. DWORD
  1189. RpcMatchMMFilter(
  1190. STRING_HANDLE pServerName,
  1191. DWORD dwVersion,
  1192. PMM_FILTER_CONTAINER pMMFilterContainer,
  1193. DWORD dwFlags,
  1194. DWORD dwPreferredNumEntries,
  1195. PMM_FILTER_CONTAINER * ppMMFilterContainer,
  1196. PIPSEC_MM_POLICY_CONTAINER * ppMMPolicyContainer,
  1197. PMM_AUTH_METHODS_CONTAINER * ppMMAuthContainer,
  1198. LPDWORD pdwResumeHandle
  1199. )
  1200. {
  1201. DWORD dwError = 0;
  1202. PMM_FILTER pMMFilter = NULL;
  1203. PMM_FILTER pMatchedMMFilters = NULL;
  1204. PIPSEC_MM_POLICY pMatchedMMPolicies = NULL;
  1205. PINT_MM_AUTH_METHODS pMatchedMMAuthMethods = NULL;
  1206. DWORD dwNumMatches = 0;
  1207. BOOL bImpersonating = FALSE;
  1210. dwError = SPDImpersonateClient(
  1211. &bImpersonating
  1212. );
  1213. if (dwError) {
  1214. return (dwError);
  1215. }
  1217. if (dwVersion) {
  1218. SPDRevertToSelf(bImpersonating);
  1219. return (ERROR_NOT_SUPPORTED);
  1220. }
  1222. if (!pMMFilterContainer || !ppMMFilterContainer ||
  1223. !ppMMPolicyContainer || !ppMMAuthContainer || !pdwResumeHandle ||
  1224. !*ppMMFilterContainer || !*ppMMPolicyContainer || !*ppMMAuthContainer) {
  1225. SPDRevertToSelf(bImpersonating);
  1226. return (ERROR_INVALID_PARAMETER);
  1227. }
  1229. if (!(pMMFilterContainer->pMMFilters) ||
  1230. !(pMMFilterContainer->dwNumFilters)) {
  1231. dwError = ERROR_INVALID_PARAMETER;
  1232. BAIL_ON_WIN32_ERROR(dwError);
  1233. }
  1235. pMMFilter = pMMFilterContainer->pMMFilters;
  1237. if (pMMFilter && (pMMFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  1238. dwError = ERROR_INVALID_LEVEL;
  1239. BAIL_ON_WIN32_ERROR(dwError);
  1240. }
  1242. dwError = IntMatchMMFilter(
  1243. pServerName,
  1244. dwVersion,
  1245. pMMFilter,
  1246. dwFlags,
  1247. dwPreferredNumEntries,
  1248. &pMatchedMMFilters,
  1249. &pMatchedMMPolicies,
  1250. &pMatchedMMAuthMethods,
  1251. &dwNumMatches,
  1252. pdwResumeHandle,
  1253. NULL
  1254. );
  1255. BAIL_ON_WIN32_ERROR(dwError);
  1257. (*ppMMFilterContainer)->pMMFilters = pMatchedMMFilters;
  1258. (*ppMMFilterContainer)->dwNumFilters = dwNumMatches;
  1259. (*ppMMPolicyContainer)->pPolicies = pMatchedMMPolicies;
  1260. (*ppMMPolicyContainer)->dwNumPolicies = dwNumMatches;
  1261. dwError = SPDConvertArrayIntMMAuthToExt(
  1262. pMatchedMMAuthMethods,
  1263. &(*ppMMAuthContainer)->pMMAuthMethods,
  1264. dwNumMatches
  1265. );
  1266. BAIL_ON_WIN32_ERROR(dwError);
  1267. (*ppMMAuthContainer)->dwNumAuthMethods = dwNumMatches;
  1269. SPDFreeIntMMAuthMethodsArray(
  1270. pMatchedMMAuthMethods,
  1271. dwNumMatches
  1272. );
  1273. pMatchedMMAuthMethods = NULL;
  1274. SPDRevertToSelf(bImpersonating);
  1275. return (dwError);
  1277. error:
  1278. if (pMatchedMMFilters) {
  1279. FreeMMFilters(
  1280. dwNumMatches,
  1281. pMatchedMMFilters
  1282. );
  1283. }
  1285. if (pMatchedMMPolicies) {
  1286. FreeMMPolicies(
  1287. dwNumMatches,
  1288. pMatchedMMPolicies
  1289. );
  1290. }
  1292. SPDFreeIntMMAuthMethodsArray(
  1293. pMatchedMMAuthMethods,
  1294. dwNumMatches
  1295. );
  1297. (*ppMMFilterContainer)->pMMFilters = NULL;
  1298. (*ppMMFilterContainer)->dwNumFilters = 0;
  1299. (*ppMMPolicyContainer)->pPolicies = NULL;
  1300. (*ppMMPolicyContainer)->dwNumPolicies = 0;
  1301. (*ppMMAuthContainer)->pMMAuthMethods = NULL;
  1302. (*ppMMAuthContainer)->dwNumAuthMethods = 0;
  1304. SPDRevertToSelf(bImpersonating);
  1305. return (dwError);
  1306. }
  1309. DWORD
  1310. RpcMatchTransportFilter(
  1311. STRING_HANDLE pServerName,
  1312. DWORD dwVersion,
  1313. PTRANSPORT_FILTER_CONTAINER pTxFilterContainer,
  1314. DWORD dwFlags,
  1315. DWORD dwPreferredNumEntries,
  1316. PTRANSPORT_FILTER_CONTAINER * ppTxFilterContainer,
  1317. PIPSEC_QM_POLICY_CONTAINER * ppQMPolicyContainer,
  1318. LPDWORD pdwResumeHandle
  1319. )
  1320. {
  1321. DWORD dwError = 0;
  1322. PTRANSPORT_FILTER pTxFilter = NULL;
  1323. PTRANSPORT_FILTER pMatchedTxFilters = NULL;
  1324. PIPSEC_QM_POLICY pMatchedQMPolicies = NULL;
  1325. DWORD dwNumMatches = 0;
  1326. BOOL bImpersonating = FALSE;
  1329. dwError = SPDImpersonateClient(
  1330. &bImpersonating
  1331. );
  1332. if (dwError) {
  1333. return (dwError);
  1334. }
  1336. if (dwVersion) {
  1337. SPDRevertToSelf(bImpersonating);
  1338. return (ERROR_NOT_SUPPORTED);
  1339. }
  1341. if (!pTxFilterContainer || !ppTxFilterContainer ||
  1342. !ppQMPolicyContainer || !pdwResumeHandle ||
  1343. !*ppTxFilterContainer || !*ppQMPolicyContainer) {
  1344. SPDRevertToSelf(bImpersonating);
  1345. return (ERROR_INVALID_PARAMETER);
  1346. }
  1348. if (!(pTxFilterContainer->pTransportFilters) ||
  1349. !(pTxFilterContainer->dwNumFilters)) {
  1350. dwError = ERROR_INVALID_PARAMETER;
  1351. BAIL_ON_WIN32_ERROR(dwError);
  1352. }
  1354. pTxFilter = pTxFilterContainer->pTransportFilters;
  1356. if (pTxFilter && (pTxFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  1357. dwError = ERROR_INVALID_LEVEL;
  1358. BAIL_ON_WIN32_ERROR(dwError);
  1359. }
  1361. dwError = MatchTransportFilter(
  1362. pServerName,
  1363. dwVersion,
  1364. pTxFilter,
  1365. dwFlags,
  1366. dwPreferredNumEntries,
  1367. &pMatchedTxFilters,
  1368. &pMatchedQMPolicies,
  1369. &dwNumMatches,
  1370. pdwResumeHandle,
  1371. NULL
  1372. );
  1373. BAIL_ON_WIN32_ERROR(dwError);
  1375. (*ppTxFilterContainer)->pTransportFilters = pMatchedTxFilters;
  1376. (*ppTxFilterContainer)->dwNumFilters = dwNumMatches;
  1377. (*ppQMPolicyContainer)->pPolicies = pMatchedQMPolicies;
  1378. (*ppQMPolicyContainer)->dwNumPolicies = dwNumMatches;
  1380. SPDRevertToSelf(bImpersonating);
  1381. return (dwError);
  1383. error:
  1385. (*ppTxFilterContainer)->pTransportFilters = NULL;
  1386. (*ppTxFilterContainer)->dwNumFilters = 0;
  1387. (*ppQMPolicyContainer)->pPolicies = NULL;
  1388. (*ppQMPolicyContainer)->dwNumPolicies = 0;
  1390. SPDRevertToSelf(bImpersonating);
  1391. return (dwError);
  1392. }
  1395. DWORD
  1396. RpcGetQMPolicyByID(
  1397. STRING_HANDLE pServerName,
  1398. DWORD dwVersion,
  1399. GUID gQMPolicyID,
  1400. DWORD dwFlags,
  1401. PIPSEC_QM_POLICY_CONTAINER * ppQMPolicyContainer
  1402. )
  1403. {
  1404. DWORD dwError = 0;
  1405. PIPSEC_QM_POLICY pQMPolicy = NULL;
  1406. BOOL bImpersonating = FALSE;
  1409. dwError = SPDImpersonateClient(
  1410. &bImpersonating
  1411. );
  1412. if (dwError) {
  1413. return (dwError);
  1414. }
  1416. if (dwVersion) {
  1417. SPDRevertToSelf(bImpersonating);
  1418. return (ERROR_NOT_SUPPORTED);
  1419. }
  1421. if (!ppQMPolicyContainer || !*ppQMPolicyContainer) {
  1422. SPDRevertToSelf(bImpersonating);
  1423. return (ERROR_INVALID_PARAMETER);
  1424. }
  1426. dwError = GetQMPolicyByID(
  1427. pServerName,
  1428. dwVersion,
  1429. gQMPolicyID,
  1430. dwFlags,
  1431. &pQMPolicy,
  1432. NULL
  1433. );
  1434. BAIL_ON_WIN32_ERROR(dwError);
  1436. (*ppQMPolicyContainer)->pPolicies = pQMPolicy;
  1437. (*ppQMPolicyContainer)->dwNumPolicies = 1;
  1438. SPDRevertToSelf(bImpersonating);
  1439. return (dwError);
  1441. error:
  1443. (*ppQMPolicyContainer)->pPolicies = NULL;
  1444. (*ppQMPolicyContainer)->dwNumPolicies = 0;
  1445. SPDRevertToSelf(bImpersonating);
  1446. return (dwError);
  1447. }
  1450. DWORD
  1451. RpcGetMMPolicyByID(
  1452. STRING_HANDLE pServerName,
  1453. DWORD dwVersion,
  1454. GUID gMMPolicyID,
  1455. PIPSEC_MM_POLICY_CONTAINER * ppMMPolicyContainer
  1456. )
  1457. {
  1458. DWORD dwError = 0;
  1459. PIPSEC_MM_POLICY pMMPolicy = NULL;
  1460. BOOL bImpersonating = FALSE;
  1463. dwError = SPDImpersonateClient(
  1464. &bImpersonating
  1465. );
  1466. if (dwError) {
  1467. return (dwError);
  1468. }
  1470. if (dwVersion) {
  1471. SPDRevertToSelf(bImpersonating);
  1472. return (ERROR_NOT_SUPPORTED);
  1473. }
  1475. if (!ppMMPolicyContainer || !*ppMMPolicyContainer) {
  1476. SPDRevertToSelf(bImpersonating);
  1477. return (ERROR_INVALID_PARAMETER);
  1478. }
  1480. dwError = GetMMPolicyByID(
  1481. pServerName,
  1482. dwVersion,
  1483. gMMPolicyID,
  1484. &pMMPolicy,
  1485. NULL
  1486. );
  1487. BAIL_ON_WIN32_ERROR(dwError);
  1489. (*ppMMPolicyContainer)->pPolicies = pMMPolicy;
  1490. (*ppMMPolicyContainer)->dwNumPolicies = 1;
  1491. SPDRevertToSelf(bImpersonating);
  1492. return (dwError);
  1494. error:
  1496. (*ppMMPolicyContainer)->pPolicies = NULL;
  1497. (*ppMMPolicyContainer)->dwNumPolicies = 0;
  1498. SPDRevertToSelf(bImpersonating);
  1499. return (dwError);
  1500. }
  1503. DWORD
  1504. RpcAddMMAuthMethods(
  1505. STRING_HANDLE pServerName,
  1506. DWORD dwVersion,
  1507. DWORD dwFlags,
  1508. PMM_AUTH_METHODS_CONTAINER pMMAuthContainer
  1509. )
  1510. {
  1511. DWORD dwError = 0;
  1512. PINT_MM_AUTH_METHODS pMMAuthMethods = NULL;
  1513. BOOL bImpersonating = FALSE;
  1516. dwError = SPDImpersonateClient(
  1517. &bImpersonating
  1518. );
  1519. BAIL_ON_WIN32_ERROR(dwError);
  1521. if (dwVersion) {
  1522. dwError = ERROR_NOT_SUPPORTED;
  1523. BAIL_ON_WIN32_ERROR(dwError);
  1524. }
  1526. if (!pMMAuthContainer) {
  1527. dwError = ERROR_INVALID_PARAMETER;
  1528. BAIL_ON_WIN32_ERROR(dwError);
  1529. }
  1531. if (!(pMMAuthContainer->pMMAuthMethods) ||
  1532. !(pMMAuthContainer->dwNumAuthMethods)) {
  1533. dwError = ERROR_INVALID_PARAMETER;
  1534. BAIL_ON_WIN32_ERROR(dwError);
  1535. }
  1537. dwError = ConvertExtMMAuthToInt(
  1538. pMMAuthContainer->pMMAuthMethods,
  1539. &pMMAuthMethods
  1540. );
  1541. BAIL_ON_WIN32_ERROR(dwError);
  1543. dwError = IntAddMMAuthMethods(
  1544. pServerName,
  1545. dwVersion,
  1546. dwFlags,
  1547. IPSEC_SOURCE_WINIPSEC,
  1548. pMMAuthMethods,
  1549. NULL
  1550. );
  1551. BAIL_ON_WIN32_ERROR(dwError);
  1553. error:
  1554. FreeIntMMAuthMethods(pMMAuthMethods);
  1555. SPDRevertToSelf(bImpersonating);
  1556. return (dwError);
  1557. }
  1560. DWORD
  1561. RpcDeleteMMAuthMethods(
  1562. STRING_HANDLE pServerName,
  1563. DWORD dwVersion,
  1564. GUID gMMAuthID
  1565. )
  1566. {
  1567. DWORD dwError = 0;
  1568. BOOL bImpersonating = FALSE;
  1571. dwError = SPDImpersonateClient(
  1572. &bImpersonating
  1573. );
  1574. BAIL_ON_WIN32_ERROR(dwError);
  1576. if (dwVersion) {
  1577. dwError = ERROR_NOT_SUPPORTED;
  1578. BAIL_ON_WIN32_ERROR(dwError);
  1579. }
  1581. dwError = DeleteMMAuthMethods(
  1582. pServerName,
  1583. dwVersion,
  1584. gMMAuthID,
  1585. NULL
  1586. );
  1587. BAIL_ON_WIN32_ERROR(dwError);
  1589. error:
  1591. SPDRevertToSelf(bImpersonating);
  1592. return (dwError);
  1593. }
  1596. DWORD
  1597. RpcEnumMMAuthMethods(
  1598. STRING_HANDLE pServerName,
  1599. DWORD dwVersion,
  1600. PMM_AUTH_METHODS_CONTAINER pMMTempAuthContainer,
  1601. DWORD dwFlags,
  1602. DWORD dwPreferredNumEntries,
  1603. PMM_AUTH_METHODS_CONTAINER * ppMMAuthContainer,
  1604. LPDWORD pdwResumeHandle
  1605. )
  1606. {
  1607. DWORD dwError = 0;
  1608. PINT_MM_AUTH_METHODS pMMAuthMethods = NULL;
  1609. DWORD dwNumAuthMethods = 0;
  1610. BOOL bImpersonating = FALSE;
  1611. PINT_MM_AUTH_METHODS pMMTemplateAuthMethods = NULL;
  1614. dwError = SPDImpersonateClient(
  1615. &bImpersonating
  1616. );
  1617. if (dwError) {
  1618. return (dwError);
  1619. }
  1621. if (dwVersion) {
  1622. SPDRevertToSelf(bImpersonating);
  1623. return (ERROR_NOT_SUPPORTED);
  1624. }
  1626. if (!pMMTempAuthContainer || !ppMMAuthContainer || !pdwResumeHandle ||
  1627. !*ppMMAuthContainer) {
  1628. SPDRevertToSelf(bImpersonating);
  1629. return (ERROR_INVALID_PARAMETER);
  1630. }
  1632. if ((pMMTempAuthContainer->dwNumAuthMethods) ||
  1633. (pMMTempAuthContainer->pMMAuthMethods)) {
  1634. dwError = ERROR_NOT_SUPPORTED;
  1635. BAIL_ON_WIN32_ERROR(dwError);
  1636. }
  1638. dwError = IntEnumMMAuthMethods(
  1639. pServerName,
  1640. dwVersion,
  1641. pMMTemplateAuthMethods,
  1642. dwFlags,
  1643. dwPreferredNumEntries,
  1644. &pMMAuthMethods,
  1645. &dwNumAuthMethods,
  1646. pdwResumeHandle,
  1647. NULL
  1648. );
  1649. BAIL_ON_WIN32_ERROR(dwError);
  1651. dwError = SPDConvertArrayIntMMAuthToExt(
  1652. pMMAuthMethods,
  1653. &(*ppMMAuthContainer)->pMMAuthMethods,
  1654. dwNumAuthMethods
  1655. );
  1656. BAIL_ON_WIN32_ERROR(dwError);
  1657. (*ppMMAuthContainer)->dwNumAuthMethods = dwNumAuthMethods;
  1659. SPDFreeIntMMAuthMethodsArray(
  1660. pMMAuthMethods,
  1661. dwNumAuthMethods
  1662. );
  1664. SPDRevertToSelf(bImpersonating);
  1665. return (dwError);
  1667. error:
  1668. (*ppMMAuthContainer)->pMMAuthMethods = NULL;
  1669. (*ppMMAuthContainer)->dwNumAuthMethods = 0;
  1671. SPDFreeIntMMAuthMethodsArray(
  1672. pMMAuthMethods,
  1673. dwNumAuthMethods
  1674. );
  1676. SPDRevertToSelf(bImpersonating);
  1677. return (dwError);
  1678. }
  1681. DWORD
  1682. RpcSetMMAuthMethods(
  1683. STRING_HANDLE pServerName,
  1684. DWORD dwVersion,
  1685. GUID gMMAuthID,
  1686. PMM_AUTH_METHODS_CONTAINER pMMAuthContainer
  1687. )
  1688. {
  1689. DWORD dwError = 0;
  1690. PINT_MM_AUTH_METHODS pMMAuthMethods = NULL;
  1691. BOOL bImpersonating = FALSE;
  1694. dwError = SPDImpersonateClient(
  1695. &bImpersonating
  1696. );
  1697. BAIL_ON_WIN32_ERROR(dwError);
  1699. if (dwVersion) {
  1700. dwError = ERROR_NOT_SUPPORTED;
  1701. BAIL_ON_WIN32_ERROR(dwError);
  1702. }
  1704. if (!pMMAuthContainer) {
  1705. dwError = ERROR_INVALID_PARAMETER;
  1706. BAIL_ON_WIN32_ERROR(dwError);
  1707. }
  1709. if (!(pMMAuthContainer->pMMAuthMethods) ||
  1710. !(pMMAuthContainer->dwNumAuthMethods)) {
  1711. dwError = ERROR_INVALID_PARAMETER;
  1712. BAIL_ON_WIN32_ERROR(dwError);
  1713. }
  1715. dwError = ConvertExtMMAuthToInt(
  1716. pMMAuthContainer->pMMAuthMethods,
  1717. &pMMAuthMethods
  1718. );
  1719. BAIL_ON_WIN32_ERROR(dwError);
  1721. dwError = IntSetMMAuthMethods(
  1722. pServerName,
  1723. dwVersion,
  1724. gMMAuthID,
  1725. pMMAuthMethods,
  1726. NULL
  1727. );
  1728. BAIL_ON_WIN32_ERROR(dwError);
  1730. error:
  1731. FreeIntMMAuthMethods(pMMAuthMethods);
  1732. SPDRevertToSelf(bImpersonating);
  1733. return (dwError);
  1734. }
  1737. DWORD
  1738. RpcGetMMAuthMethods(
  1739. STRING_HANDLE pServerName,
  1740. DWORD dwVersion,
  1741. GUID gMMAuthID,
  1742. PMM_AUTH_METHODS_CONTAINER * ppMMAuthContainer
  1743. )
  1744. {
  1745. DWORD dwError = 0;
  1746. PINT_MM_AUTH_METHODS pMMAuthMethods = NULL;
  1747. BOOL bImpersonating = FALSE;
  1750. dwError = SPDImpersonateClient(
  1751. &bImpersonating
  1752. );
  1753. if (dwError) {
  1754. return (dwError);
  1755. }
  1757. if (dwVersion) {
  1758. SPDRevertToSelf(bImpersonating);
  1759. return (ERROR_NOT_SUPPORTED);
  1760. }
  1762. if (!ppMMAuthContainer || !*ppMMAuthContainer) {
  1763. SPDRevertToSelf(bImpersonating);
  1764. return (ERROR_INVALID_PARAMETER);
  1765. }
  1767. dwError = IntGetMMAuthMethods(
  1768. pServerName,
  1769. dwVersion,
  1770. gMMAuthID,
  1771. &pMMAuthMethods,
  1772. NULL
  1773. );
  1774. BAIL_ON_WIN32_ERROR(dwError);
  1776. dwError = SPDConvertIntMMAuthToExt(
  1777. pMMAuthMethods,
  1778. &(*ppMMAuthContainer)->pMMAuthMethods
  1779. );
  1780. BAIL_ON_WIN32_ERROR(dwError);
  1781. (*ppMMAuthContainer)->dwNumAuthMethods = 1;
  1783. SPDFreeIntMMAuthMethods(pMMAuthMethods, TRUE);
  1784. SPDRevertToSelf(bImpersonating);
  1785. return (dwError);
  1787. error:
  1788. SPDFreeIntMMAuthMethods(pMMAuthMethods, TRUE);
  1789. (*ppMMAuthContainer)->pMMAuthMethods = NULL;
  1790. (*ppMMAuthContainer)->dwNumAuthMethods = 0;
  1791. SPDRevertToSelf(bImpersonating);
  1792. return (dwError);
  1793. }
  1796. DWORD
  1797. RpcQueryIPSecStatistics(
  1798. STRING_HANDLE pServerName,
  1799. DWORD dwVersion,
  1800. PIPSEC_STATISTICS_CONTAINER * ppIpsecStatsContainer
  1801. )
  1802. {
  1803. DWORD dwError = 0;
  1804. PIPSEC_STATISTICS pIpsecStatistics = NULL;
  1805. BOOL bImpersonating = FALSE;
  1808. dwError = SPDImpersonateClient(
  1809. &bImpersonating
  1810. );
  1811. if (dwError) {
  1812. return (dwError);
  1813. }
  1815. if (dwVersion) {
  1816. SPDRevertToSelf(bImpersonating);
  1817. return (ERROR_NOT_SUPPORTED);
  1818. }
  1820. if (!ppIpsecStatsContainer || !*ppIpsecStatsContainer) {
  1821. SPDRevertToSelf(bImpersonating);
  1822. return (ERROR_INVALID_PARAMETER);
  1823. }
  1825. dwError = QueryIPSecStatistics(
  1826. pServerName,
  1827. dwVersion,
  1828. &pIpsecStatistics,
  1829. NULL
  1830. );
  1831. BAIL_ON_WIN32_ERROR(dwError);
  1833. (*ppIpsecStatsContainer)->pIpsecStatistics = pIpsecStatistics;
  1834. (*ppIpsecStatsContainer)->dwNumIpsecStats = 1;
  1835. SPDRevertToSelf(bImpersonating);
  1836. return (dwError);
  1838. error:
  1840. (*ppIpsecStatsContainer)->pIpsecStatistics = NULL;
  1841. (*ppIpsecStatsContainer)->dwNumIpsecStats = 0;
  1842. SPDRevertToSelf(bImpersonating);
  1843. return (dwError);
  1844. }
  1847. DWORD
  1848. RpcEnumQMSAs(
  1849. STRING_HANDLE pServerName,
  1850. DWORD dwVersion,
  1851. PQM_SA_CONTAINER pQMSATempContainer,
  1852. DWORD dwFlags,
  1853. DWORD dwPreferredNumEntries,
  1854. PQM_SA_CONTAINER * ppQMSAContainer,
  1855. LPDWORD pdwNumTotalQMSAs,
  1856. LPDWORD pdwResumeHandle
  1857. )
  1858. {
  1859. DWORD dwError = 0;
  1860. PIPSEC_QM_SA pQMSATemplate = NULL;
  1861. PIPSEC_QM_SA pQMSAs = NULL;
  1862. DWORD dwNumQMSAs = 0;
  1863. BOOL bImpersonating = FALSE;
  1866. dwError = SPDImpersonateClient(
  1867. &bImpersonating
  1868. );
  1869. if (dwError) {
  1870. return (dwError);
  1871. }
  1873. if (dwVersion) {
  1874. SPDRevertToSelf(bImpersonating);
  1875. return (ERROR_NOT_SUPPORTED);
  1876. }
  1878. if (!pQMSATempContainer || !ppQMSAContainer ||
  1879. !pdwNumTotalQMSAs || !pdwResumeHandle ||
  1880. !*ppQMSAContainer) {
  1881. SPDRevertToSelf(bImpersonating);
  1882. return (ERROR_INVALID_PARAMETER);
  1883. }
  1885. if ((pQMSATempContainer->dwNumQMSAs) || (pQMSATempContainer->pQMSAs)) {
  1886. dwError = ERROR_NOT_SUPPORTED;
  1887. BAIL_ON_WIN32_ERROR(dwError);
  1888. }
  1890. dwError = EnumQMSAs(
  1891. pServerName,
  1892. dwVersion,
  1893. pQMSATemplate,
  1894. dwFlags,
  1895. dwPreferredNumEntries,
  1896. &pQMSAs,
  1897. &dwNumQMSAs,
  1898. pdwNumTotalQMSAs,
  1899. pdwResumeHandle,
  1900. NULL
  1901. );
  1902. BAIL_ON_WIN32_ERROR(dwError);
  1904. (*ppQMSAContainer)->pQMSAs = pQMSAs;
  1905. (*ppQMSAContainer)->dwNumQMSAs = dwNumQMSAs;
  1906. SPDRevertToSelf(bImpersonating);
  1907. return (dwError);
  1909. error:
  1911. (*ppQMSAContainer)->pQMSAs = NULL;
  1912. (*ppQMSAContainer)->dwNumQMSAs = 0;
  1913. SPDRevertToSelf(bImpersonating);
  1914. return (dwError);
  1915. }
  1918. VOID
  1919. TUNNELFILTER_HANDLE_rundown(
  1920. TUNNELFILTER_HANDLE hFilter
  1921. )
  1922. {
  1923. if (!gbSPDRPCServerUp) {
  1924. return;
  1925. }
  1927. if (hFilter) {
  1928. (VOID) DeleteTunnelFilter(
  1929. hFilter
  1930. );
  1931. }
  1933. return;
  1934. }
  1937. DWORD
  1938. RpcAddTunnelFilter(
  1939. STRING_HANDLE pServerName,
  1940. DWORD dwVersion,
  1941. DWORD dwFlags,
  1942. PTUNNEL_FILTER_CONTAINER pFilterContainer,
  1943. TUNNELFILTER_HANDLE * phFilter
  1944. )
  1945. {
  1946. DWORD dwError = 0;
  1947. PTUNNEL_FILTER pTunnelFilter = NULL;
  1948. BOOL bImpersonating = FALSE;
  1951. dwError = SPDImpersonateClient(
  1952. &bImpersonating
  1953. );
  1954. BAIL_ON_WIN32_ERROR(dwError);
  1956. if (dwVersion) {
  1957. dwError = ERROR_NOT_SUPPORTED;
  1958. BAIL_ON_WIN32_ERROR(dwError);
  1959. }
  1961. if (!pFilterContainer || !phFilter) {
  1962. dwError = ERROR_INVALID_PARAMETER;
  1963. BAIL_ON_WIN32_ERROR(dwError);
  1964. }
  1966. if (!(pFilterContainer->pTunnelFilters) ||
  1967. !(pFilterContainer->dwNumFilters)) {
  1968. dwError = ERROR_INVALID_PARAMETER;
  1969. BAIL_ON_WIN32_ERROR(dwError);
  1970. }
  1972. pTunnelFilter = pFilterContainer->pTunnelFilters;
  1974. if (pTunnelFilter && (pTunnelFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  1975. dwError = ERROR_INVALID_LEVEL;
  1976. BAIL_ON_WIN32_ERROR(dwError);
  1977. }
  1979. dwError = AddTunnelFilter(
  1980. pServerName,
  1981. dwVersion,
  1982. dwFlags,
  1983. pTunnelFilter,
  1984. NULL,
  1985. phFilter
  1986. );
  1987. BAIL_ON_WIN32_ERROR(dwError);
  1989. error:
  1991. SPDRevertToSelf(bImpersonating);
  1992. return (dwError);
  1993. }
  1996. DWORD
  1997. RpcDeleteTunnelFilter(
  1998. TUNNELFILTER_HANDLE * phFilter
  1999. )
  2000. {
  2001. DWORD dwError = 0;
  2002. BOOL bImpersonating = FALSE;
  2005. dwError = SPDImpersonateClient(
  2006. &bImpersonating
  2007. );
  2008. BAIL_ON_WIN32_ERROR(dwError);
  2010. if (!phFilter) {
  2011. SPDRevertToSelf(bImpersonating);
  2012. return (ERROR_INVALID_PARAMETER);
  2013. }
  2015. dwError = DeleteTunnelFilter(
  2016. *phFilter
  2017. );
  2018. BAIL_ON_WIN32_ERROR(dwError);
  2020. *phFilter = NULL;
  2022. error:
  2024. SPDRevertToSelf(bImpersonating);
  2025. return (dwError);
  2026. }
  2029. DWORD
  2030. RpcEnumTunnelFilters(
  2031. STRING_HANDLE pServerName,
  2032. DWORD dwVersion,
  2033. PTUNNEL_FILTER_CONTAINER pTemplateFilterContainer,
  2034. DWORD dwLevel,
  2035. GUID gGenericFilterID,
  2036. DWORD dwPreferredNumEntries,
  2037. PTUNNEL_FILTER_CONTAINER * ppFilterContainer,
  2038. LPDWORD pdwResumeHandle
  2039. )
  2040. {
  2041. DWORD dwError = 0;
  2042. PTUNNEL_FILTER pTunnelFilters = NULL;
  2043. DWORD dwNumFilters = 0;
  2044. BOOL bImpersonating = FALSE;
  2045. PTUNNEL_FILTER pTunnelTemplateFilter = NULL;
  2048. dwError = SPDImpersonateClient(
  2049. &bImpersonating
  2050. );
  2051. if (dwError) {
  2052. return (dwError);
  2053. }
  2055. if (dwVersion) {
  2056. SPDRevertToSelf(bImpersonating);
  2057. return (ERROR_NOT_SUPPORTED);
  2058. }
  2060. if (!pTemplateFilterContainer || !ppFilterContainer || !pdwResumeHandle ||
  2061. !*ppFilterContainer) {
  2062. SPDRevertToSelf(bImpersonating);
  2063. return (ERROR_INVALID_PARAMETER);
  2064. }
  2066. switch (dwLevel) {
  2068. case ENUM_GENERIC_FILTERS:
  2069. case ENUM_SELECT_SPECIFIC_FILTERS:
  2070. case ENUM_SPECIFIC_FILTERS:
  2071. break;
  2073. default:
  2074. dwError = ERROR_INVALID_LEVEL;
  2075. BAIL_ON_WIN32_ERROR(dwError);
  2076. break;
  2078. }
  2080. if ((pTemplateFilterContainer->dwNumFilters) ||
  2081. (pTemplateFilterContainer->pTunnelFilters)) {
  2082. dwError = ERROR_NOT_SUPPORTED;
  2083. BAIL_ON_WIN32_ERROR(dwError);
  2084. }
  2086. dwError = EnumTunnelFilters(
  2087. pServerName,
  2088. dwVersion,
  2089. pTunnelTemplateFilter,
  2090. dwLevel,
  2091. gGenericFilterID,
  2092. dwPreferredNumEntries,
  2093. &pTunnelFilters,
  2094. &dwNumFilters,
  2095. pdwResumeHandle,
  2096. NULL
  2097. );
  2098. BAIL_ON_WIN32_ERROR(dwError);
  2100. (*ppFilterContainer)->pTunnelFilters = pTunnelFilters;
  2101. (*ppFilterContainer)->dwNumFilters = dwNumFilters;
  2102. SPDRevertToSelf(bImpersonating);
  2103. return (dwError);
  2105. error:
  2107. (*ppFilterContainer)->pTunnelFilters = NULL;
  2108. (*ppFilterContainer)->dwNumFilters = 0;
  2109. SPDRevertToSelf(bImpersonating);
  2110. return (dwError);
  2111. }
  2114. DWORD
  2115. RpcSetTunnelFilter(
  2116. TUNNELFILTER_HANDLE hFilter,
  2117. DWORD dwVersion,
  2118. PTUNNEL_FILTER_CONTAINER pFilterContainer
  2119. )
  2120. {
  2121. DWORD dwError = 0;
  2122. PTUNNEL_FILTER pTunnelFilter = NULL;
  2123. BOOL bImpersonating = FALSE;
  2126. dwError = SPDImpersonateClient(
  2127. &bImpersonating
  2128. );
  2129. BAIL_ON_WIN32_ERROR(dwError);
  2131. if (dwVersion) {
  2132. dwError = ERROR_NOT_SUPPORTED;
  2133. BAIL_ON_WIN32_ERROR(dwError);
  2134. }
  2136. if (!hFilter || !pFilterContainer) {
  2137. dwError = ERROR_INVALID_PARAMETER;
  2138. BAIL_ON_WIN32_ERROR(dwError);
  2139. }
  2141. if (!(pFilterContainer->pTunnelFilters) ||
  2142. !(pFilterContainer->dwNumFilters)) {
  2143. dwError = ERROR_INVALID_PARAMETER;
  2144. BAIL_ON_WIN32_ERROR(dwError);
  2145. }
  2147. pTunnelFilter = pFilterContainer->pTunnelFilters;
  2149. if (pTunnelFilter && (pTunnelFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  2150. dwError = ERROR_INVALID_LEVEL;
  2151. BAIL_ON_WIN32_ERROR(dwError);
  2152. }
  2154. dwError = SetTunnelFilter(
  2155. hFilter,
  2156. dwVersion,
  2157. pTunnelFilter,
  2158. NULL
  2159. );
  2160. BAIL_ON_WIN32_ERROR(dwError);
  2162. error:
  2164. SPDRevertToSelf(bImpersonating);
  2165. return (dwError);
  2166. }
  2169. DWORD
  2170. RpcGetTunnelFilter(
  2171. TUNNELFILTER_HANDLE hFilter,
  2172. DWORD dwVersion,
  2173. PTUNNEL_FILTER_CONTAINER * ppFilterContainer
  2174. )
  2175. {
  2176. DWORD dwError = 0;
  2177. PTUNNEL_FILTER pTunnelFilter = NULL;
  2178. BOOL bImpersonating = FALSE;
  2181. dwError = SPDImpersonateClient(
  2182. &bImpersonating
  2183. );
  2184. if (dwError) {
  2185. return (dwError);
  2186. }
  2188. if (dwVersion) {
  2189. SPDRevertToSelf(bImpersonating);
  2190. return (ERROR_NOT_SUPPORTED);
  2191. }
  2193. if (!hFilter || !ppFilterContainer || !*ppFilterContainer) {
  2194. SPDRevertToSelf(bImpersonating);
  2195. return (ERROR_INVALID_PARAMETER);
  2196. }
  2198. dwError = GetTunnelFilter(
  2199. hFilter,
  2200. dwVersion,
  2201. &pTunnelFilter,
  2202. NULL
  2203. );
  2204. BAIL_ON_WIN32_ERROR(dwError);
  2206. (*ppFilterContainer)->pTunnelFilters = pTunnelFilter;
  2207. (*ppFilterContainer)->dwNumFilters = 1;
  2208. SPDRevertToSelf(bImpersonating);
  2209. return (dwError);
  2211. error:
  2213. (*ppFilterContainer)->pTunnelFilters = NULL;
  2214. (*ppFilterContainer)->dwNumFilters = 0;
  2215. SPDRevertToSelf(bImpersonating);
  2216. return (dwError);
  2217. }
  2220. DWORD
  2221. RpcMatchTunnelFilter(
  2222. STRING_HANDLE pServerName,
  2223. DWORD dwVersion,
  2224. PTUNNEL_FILTER_CONTAINER pTnFilterContainer,
  2225. DWORD dwFlags,
  2226. DWORD dwPreferredNumEntries,
  2227. PTUNNEL_FILTER_CONTAINER * ppTnFilterContainer,
  2228. PIPSEC_QM_POLICY_CONTAINER * ppQMPolicyContainer,
  2229. LPDWORD pdwResumeHandle
  2230. )
  2231. {
  2232. DWORD dwError = 0;
  2233. PTUNNEL_FILTER pTnFilter = NULL;
  2234. PTUNNEL_FILTER pMatchedTnFilters = NULL;
  2235. PIPSEC_QM_POLICY pMatchedQMPolicies = NULL;
  2236. DWORD dwNumMatches = 0;
  2237. BOOL bImpersonating = FALSE;
  2240. dwError = SPDImpersonateClient(
  2241. &bImpersonating
  2242. );
  2243. if (dwError) {
  2244. return (dwError);
  2245. }
  2247. if (dwVersion) {
  2248. SPDRevertToSelf(bImpersonating);
  2249. return (ERROR_NOT_SUPPORTED);
  2250. }
  2252. if (!pTnFilterContainer || !ppTnFilterContainer ||
  2253. !ppQMPolicyContainer || !pdwResumeHandle ||
  2254. !*ppTnFilterContainer || !*ppQMPolicyContainer) {
  2255. SPDRevertToSelf(bImpersonating);
  2256. return (ERROR_INVALID_PARAMETER);
  2257. }
  2259. if (!(pTnFilterContainer->pTunnelFilters) ||
  2260. !(pTnFilterContainer->dwNumFilters)) {
  2261. dwError = ERROR_INVALID_PARAMETER;
  2262. BAIL_ON_WIN32_ERROR(dwError);
  2263. }
  2265. pTnFilter = pTnFilterContainer->pTunnelFilters;
  2267. if (pTnFilter && (pTnFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  2268. dwError = ERROR_INVALID_LEVEL;
  2269. BAIL_ON_WIN32_ERROR(dwError);
  2270. }
  2272. dwError = MatchTunnelFilter(
  2273. pServerName,
  2274. dwVersion,
  2275. pTnFilter,
  2276. dwFlags,
  2277. dwPreferredNumEntries,
  2278. &pMatchedTnFilters,
  2279. &pMatchedQMPolicies,
  2280. &dwNumMatches,
  2281. pdwResumeHandle,
  2282. NULL
  2283. );
  2284. BAIL_ON_WIN32_ERROR(dwError);
  2286. (*ppTnFilterContainer)->pTunnelFilters = pMatchedTnFilters;
  2287. (*ppTnFilterContainer)->dwNumFilters = dwNumMatches;
  2288. (*ppQMPolicyContainer)->pPolicies = pMatchedQMPolicies;
  2289. (*ppQMPolicyContainer)->dwNumPolicies = dwNumMatches;
  2291. SPDRevertToSelf(bImpersonating);
  2292. return (dwError);
  2294. error:
  2296. (*ppTnFilterContainer)->pTunnelFilters = NULL;
  2297. (*ppTnFilterContainer)->dwNumFilters = 0;
  2298. (*ppQMPolicyContainer)->pPolicies = NULL;
  2299. (*ppQMPolicyContainer)->dwNumPolicies = 0;
  2301. SPDRevertToSelf(bImpersonating);
  2302. return (dwError);
  2303. }
  2306. DWORD
  2307. RpcOpenMMFilterHandle(
  2308. STRING_HANDLE pServerName,
  2309. DWORD dwVersion,
  2310. PMM_FILTER_CONTAINER pMMFilterContainer,
  2311. MMFILTER_HANDLE * phMMFilter
  2312. )
  2313. {
  2314. DWORD dwError = 0;
  2315. PMM_FILTER pMMFilter = NULL;
  2316. BOOL bImpersonating = FALSE;
  2319. dwError = SPDImpersonateClient(
  2320. &bImpersonating
  2321. );
  2322. BAIL_ON_WIN32_ERROR(dwError);
  2324. if (dwVersion) {
  2325. dwError = ERROR_NOT_SUPPORTED;
  2326. BAIL_ON_WIN32_ERROR(dwError);
  2327. }
  2329. if (!pMMFilterContainer || !phMMFilter) {
  2330. dwError = ERROR_INVALID_PARAMETER;
  2331. BAIL_ON_WIN32_ERROR(dwError);
  2332. }
  2334. if (!(pMMFilterContainer->pMMFilters) ||
  2335. !(pMMFilterContainer->dwNumFilters)) {
  2336. dwError = ERROR_INVALID_PARAMETER;
  2337. BAIL_ON_WIN32_ERROR(dwError);
  2338. }
  2340. pMMFilter = pMMFilterContainer->pMMFilters;
  2342. if (pMMFilter && (pMMFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  2343. dwError = ERROR_INVALID_LEVEL;
  2344. BAIL_ON_WIN32_ERROR(dwError);
  2345. }
  2347. dwError = OpenMMFilterHandle(
  2348. pServerName,
  2349. dwVersion,
  2350. pMMFilter,
  2351. NULL,
  2352. phMMFilter
  2353. );
  2354. BAIL_ON_WIN32_ERROR(dwError);
  2356. error:
  2358. SPDRevertToSelf(bImpersonating);
  2359. return (dwError);
  2360. }
  2363. DWORD
  2364. RpcCloseMMFilterHandle(
  2365. MMFILTER_HANDLE * phMMFilter
  2366. )
  2367. {
  2368. DWORD dwError = 0;
  2369. BOOL bImpersonating = FALSE;
  2372. dwError = SPDImpersonateClient(
  2373. &bImpersonating
  2374. );
  2375. BAIL_ON_WIN32_ERROR(dwError);
  2377. if (!phMMFilter) {
  2378. SPDRevertToSelf(bImpersonating);
  2379. return (ERROR_INVALID_PARAMETER);
  2380. }
  2382. dwError = CloseMMFilterHandle(
  2383. *phMMFilter
  2384. );
  2385. BAIL_ON_WIN32_ERROR(dwError);
  2387. *phMMFilter = NULL;
  2389. error:
  2391. SPDRevertToSelf(bImpersonating);
  2392. return (dwError);
  2393. }
  2396. DWORD
  2397. RpcOpenTransportFilterHandle(
  2398. STRING_HANDLE pServerName,
  2399. DWORD dwVersion,
  2400. PTRANSPORT_FILTER_CONTAINER pFilterContainer,
  2401. TRANSPORTFILTER_HANDLE * phFilter
  2402. )
  2403. {
  2404. DWORD dwError = 0;
  2405. PTRANSPORT_FILTER pTransportFilter = NULL;
  2406. BOOL bImpersonating = FALSE;
  2409. dwError = SPDImpersonateClient(
  2410. &bImpersonating
  2411. );
  2412. BAIL_ON_WIN32_ERROR(dwError);
  2414. if (dwVersion) {
  2415. dwError = ERROR_NOT_SUPPORTED;
  2416. BAIL_ON_WIN32_ERROR(dwError);
  2417. }
  2419. if (!pFilterContainer || !phFilter) {
  2420. dwError = ERROR_INVALID_PARAMETER;
  2421. BAIL_ON_WIN32_ERROR(dwError);
  2422. }
  2424. if (!(pFilterContainer->pTransportFilters) ||
  2425. !(pFilterContainer->dwNumFilters)) {
  2426. dwError = ERROR_INVALID_PARAMETER;
  2427. BAIL_ON_WIN32_ERROR(dwError);
  2428. }
  2430. pTransportFilter = pFilterContainer->pTransportFilters;
  2432. if (pTransportFilter && (pTransportFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  2433. dwError = ERROR_INVALID_LEVEL;
  2434. BAIL_ON_WIN32_ERROR(dwError);
  2435. }
  2437. dwError = OpenTransportFilterHandle(
  2438. pServerName,
  2439. dwVersion,
  2440. pTransportFilter,
  2441. NULL,
  2442. phFilter
  2443. );
  2444. BAIL_ON_WIN32_ERROR(dwError);
  2446. error:
  2448. SPDRevertToSelf(bImpersonating);
  2449. return (dwError);
  2450. }
  2453. DWORD
  2454. RpcCloseTransportFilterHandle(
  2455. TRANSPORTFILTER_HANDLE * phFilter
  2456. )
  2457. {
  2458. DWORD dwError = 0;
  2459. BOOL bImpersonating = FALSE;
  2462. dwError = SPDImpersonateClient(
  2463. &bImpersonating
  2464. );
  2465. BAIL_ON_WIN32_ERROR(dwError);
  2467. if (!phFilter) {
  2468. SPDRevertToSelf(bImpersonating);
  2469. return (ERROR_INVALID_PARAMETER);
  2470. }
  2472. dwError = CloseTransportFilterHandle(
  2473. *phFilter
  2474. );
  2475. BAIL_ON_WIN32_ERROR(dwError);
  2477. *phFilter = NULL;
  2479. error:
  2481. SPDRevertToSelf(bImpersonating);
  2482. return (dwError);
  2483. }
  2486. DWORD
  2487. RpcOpenTunnelFilterHandle(
  2488. STRING_HANDLE pServerName,
  2489. DWORD dwVersion,
  2490. PTUNNEL_FILTER_CONTAINER pFilterContainer,
  2491. TUNNELFILTER_HANDLE * phFilter
  2492. )
  2493. {
  2494. DWORD dwError = 0;
  2495. PTUNNEL_FILTER pTunnelFilter = NULL;
  2496. BOOL bImpersonating = FALSE;
  2499. dwError = SPDImpersonateClient(
  2500. &bImpersonating
  2501. );
  2502. BAIL_ON_WIN32_ERROR(dwError);
  2504. if (dwVersion) {
  2505. dwError = ERROR_NOT_SUPPORTED;
  2506. BAIL_ON_WIN32_ERROR(dwError);
  2507. }
  2509. if (!pFilterContainer || !phFilter) {
  2510. dwError = ERROR_INVALID_PARAMETER;
  2511. BAIL_ON_WIN32_ERROR(dwError);
  2512. }
  2514. if (!(pFilterContainer->pTunnelFilters) ||
  2515. !(pFilterContainer->dwNumFilters)) {
  2516. dwError = ERROR_INVALID_PARAMETER;
  2517. BAIL_ON_WIN32_ERROR(dwError);
  2518. }
  2520. pTunnelFilter = pFilterContainer->pTunnelFilters;
  2522. if (pTunnelFilter && (pTunnelFilter->IpVersion != IPSEC_PROTOCOL_V4)) {
  2523. dwError = ERROR_INVALID_LEVEL;
  2524. BAIL_ON_WIN32_ERROR(dwError);
  2525. }
  2527. dwError = OpenTunnelFilterHandle(
  2528. pServerName,
  2529. dwVersion,
  2530. pTunnelFilter,
  2531. NULL,
  2532. phFilter
  2533. );
  2534. BAIL_ON_WIN32_ERROR(dwError);
  2536. error:
  2538. SPDRevertToSelf(bImpersonating);
  2539. return (dwError);
  2540. }
  2543. DWORD
  2544. RpcCloseTunnelFilterHandle(
  2545. TUNNELFILTER_HANDLE * phFilter
  2546. )
  2547. {
  2548. DWORD dwError = 0;
  2549. BOOL bImpersonating = FALSE;
  2552. dwError = SPDImpersonateClient(
  2553. &bImpersonating
  2554. );
  2555. BAIL_ON_WIN32_ERROR(dwError);
  2557. if (!phFilter) {
  2558. SPDRevertToSelf(bImpersonating);
  2559. return (ERROR_INVALID_PARAMETER);
  2560. }
  2562. dwError = CloseTunnelFilterHandle(
  2563. *phFilter
  2564. );
  2565. BAIL_ON_WIN32_ERROR(dwError);
  2567. *phFilter = NULL;
  2569. error:
  2571. SPDRevertToSelf(bImpersonating);
  2572. return (dwError);
  2573. }
  2576. DWORD
  2577. RpcEnumIpsecInterfaces(
  2578. STRING_HANDLE pServerName,
  2579. DWORD dwVersion,
  2580. PIPSEC_INTERFACE_CONTAINER pIpsecIfTempContainer,
  2581. DWORD dwFlags,
  2582. DWORD dwPreferredNumEntries,
  2583. PIPSEC_INTERFACE_CONTAINER * ppIpsecIfContainer,
  2584. LPDWORD pdwNumTotalInterfaces,
  2585. LPDWORD pdwResumeHandle
  2586. )
  2587. {
  2588. DWORD dwError = 0;
  2589. PIPSEC_INTERFACE_INFO pIpsecIfTemplate = NULL;
  2590. PIPSEC_INTERFACE_INFO pIpsecInterfaces = NULL;
  2591. DWORD dwNumInterfaces = 0;
  2592. BOOL bImpersonating = FALSE;
  2595. dwError = SPDImpersonateClient(
  2596. &bImpersonating
  2597. );
  2598. if (dwError) {
  2599. return (dwError);
  2600. }
  2602. if (dwVersion) {
  2603. SPDRevertToSelf(bImpersonating);
  2604. return (ERROR_NOT_SUPPORTED);
  2605. }
  2607. if (!pIpsecIfTempContainer || !ppIpsecIfContainer ||
  2608. !pdwNumTotalInterfaces || !pdwResumeHandle ||
  2609. !*ppIpsecIfContainer) {
  2610. SPDRevertToSelf(bImpersonating);
  2611. return (ERROR_INVALID_PARAMETER);
  2612. }
  2614. if ((pIpsecIfTempContainer->dwNumInterfaces) ||
  2615. (pIpsecIfTempContainer->pIpsecInterfaces)) {
  2616. dwError = ERROR_NOT_SUPPORTED;
  2617. BAIL_ON_WIN32_ERROR(dwError);
  2618. }
  2620. dwError = EnumIPSecInterfaces(
  2621. pServerName,
  2622. dwVersion,
  2623. pIpsecIfTemplate,
  2624. dwFlags,
  2625. dwPreferredNumEntries,
  2626. &pIpsecInterfaces,
  2627. &dwNumInterfaces,
  2628. pdwNumTotalInterfaces,
  2629. pdwResumeHandle,
  2630. NULL
  2631. );
  2632. BAIL_ON_WIN32_ERROR(dwError);
  2634. (*ppIpsecIfContainer)->pIpsecInterfaces = pIpsecInterfaces;
  2635. (*ppIpsecIfContainer)->dwNumInterfaces = dwNumInterfaces;
  2636. SPDRevertToSelf(bImpersonating);
  2637. return (dwError);
  2639. error:
  2641. (*ppIpsecIfContainer)->pIpsecInterfaces = NULL;
  2642. (*ppIpsecIfContainer)->dwNumInterfaces = 0;
  2643. SPDRevertToSelf(bImpersonating);
  2644. return (dwError);
  2645. }
  2648. DWORD
  2649. RpcDeleteQMSAs(
  2650. STRING_HANDLE pServerName,
  2651. DWORD dwVersion,
  2652. PQM_SA_CONTAINER pQMSAContainer,
  2653. DWORD dwFlags
  2654. )
  2655. {
  2656. DWORD dwError = 0;
  2657. BOOL bImpersonating = FALSE;
  2660. dwError = SPDImpersonateClient(
  2661. &bImpersonating
  2662. );
  2663. BAIL_ON_WIN32_ERROR(dwError);
  2665. if (dwVersion) {
  2666. dwError = ERROR_NOT_SUPPORTED;
  2667. BAIL_ON_WIN32_ERROR(dwError);
  2668. }
  2670. if (!pQMSAContainer) {
  2671. dwError = ERROR_INVALID_PARAMETER;
  2672. BAIL_ON_WIN32_ERROR(dwError);
  2673. }
  2675. if (!(pQMSAContainer->pQMSAs) ||
  2676. !(pQMSAContainer->dwNumQMSAs)) {
  2677. dwError = ERROR_INVALID_PARAMETER;
  2678. BAIL_ON_WIN32_ERROR(dwError);
  2679. }
  2681. if (pQMSAContainer->pQMSAs &&
  2682. (pQMSAContainer->pQMSAs->IpsecQMFilter.IpVersion != IPSEC_PROTOCOL_V4)) {
  2683. dwError = ERROR_INVALID_LEVEL;
  2684. BAIL_ON_WIN32_ERROR(dwError);
  2685. }
  2687. dwError = ValidateQMFilterAddresses(
  2688. &pQMSAContainer->pQMSAs->IpsecQMFilter
  2689. );
  2690. BAIL_ON_WIN32_ERROR(dwError);
  2692. dwError = DeleteQMSAs(
  2693. pServerName,
  2694. dwVersion,
  2695. pQMSAContainer->pQMSAs,
  2696. dwFlags,
  2697. NULL
  2698. );
  2699. BAIL_ON_WIN32_ERROR(dwError);
  2701. error:
  2703. SPDRevertToSelf(bImpersonating);
  2704. return (dwError);
  2705. }
  2707. DWORD
  2708. WINAPI
  2709. RpcQuerySpdPolicyState(
  2710. STRING_HANDLE pServerName,
  2711. DWORD dwVersion,
  2712. PSPD_POLICY_STATE_CONTAINER * ppSpdPolicyStateContainer
  2713. )
  2714. {
  2715. DWORD dwError = 0;
  2716. PSPD_POLICY_STATE pSpdPolicyState = NULL;
  2717. BOOL bImpersonating = FALSE;
  2719. dwError = SPDImpersonateClient(
  2720. &bImpersonating
  2721. );
  2722. if (dwError) {
  2723. return (dwError);
  2724. }
  2726. if (dwVersion) {
  2727. SPDRevertToSelf(bImpersonating);
  2728. return (ERROR_NOT_SUPPORTED);
  2729. }
  2731. if (!ppSpdPolicyStateContainer || !*ppSpdPolicyStateContainer) {
  2732. SPDRevertToSelf(bImpersonating);
  2733. return (ERROR_INVALID_PARAMETER);
  2734. }
  2736. dwError = QuerySpdPolicyState(
  2737. pServerName,
  2738. dwVersion,
  2739. &pSpdPolicyState,
  2740. NULL
  2741. );
  2743. BAIL_ON_WIN32_ERROR(dwError);
  2745. (*ppSpdPolicyStateContainer)->pSpdPolicyStates = pSpdPolicyState;
  2746. (*ppSpdPolicyStateContainer)->dwNumPolicyStates = 1;
  2747. SPDRevertToSelf(bImpersonating);
  2748. return (dwError);
  2750. error:
  2752. (*ppSpdPolicyStateContainer)->pSpdPolicyStates = NULL;
  2753. (*ppSpdPolicyStateContainer)->dwNumPolicyStates = 0;
  2754. SPDRevertToSelf(bImpersonating);
  2755. return (dwError);
  2756. }