archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/net/ipsec/pastore/regstore.c

1922 lines
50 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "precomp.h"
  3. LPWSTR gpszIpsecRegContainer = L"SOFTWARE\\Policies\\Microsoft\\Windows\\IPSec\\Policy\\Local";
  6. DWORD
  7. OpenRegistryIPSECRootKey(
  8. LPWSTR pszServerName,
  9. LPWSTR pszIpsecRegRootContainer,
  10. HKEY * phRegistryKey
  11. )
  12. {
  13. DWORD dwError = 0;
  15. dwError = RegOpenKeyExW(
  16. HKEY_LOCAL_MACHINE,
  17. (LPCWSTR) pszIpsecRegRootContainer,
  18. 0,
  19. KEY_ALL_ACCESS,
  20. phRegistryKey
  21. );
  23. BAIL_ON_WIN32_ERROR(dwError);
  25. error:
  27. return(dwError);
  28. }
  31. DWORD
  32. ReadPolicyObjectFromRegistry(
  33. HKEY hRegistryKey,
  34. LPWSTR pszPolicyDN,
  35. LPWSTR pszIpsecRegRootContainer,
  36. PIPSEC_POLICY_OBJECT * ppIpsecPolicyObject
  37. )
  38. {
  40. DWORD dwError = 0;
  41. PIPSEC_POLICY_OBJECT pIpsecPolicyObject = NULL;
  43. DWORD dwNumNFAObjectsReturned = 0;
  44. PIPSEC_NFA_OBJECT * ppIpsecNFAObjects = NULL;
  45. LPWSTR * ppszFilterReferences = NULL;
  46. DWORD dwNumFilterReferences = 0;
  47. LPWSTR * ppszNegPolReferences = NULL;
  48. DWORD dwNumNegPolReferences = 0;
  50. PIPSEC_FILTER_OBJECT * ppIpsecFilterObjects = NULL;
  51. DWORD dwNumFilterObjects = 0;
  53. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL;
  54. DWORD dwNumNegPolObjects = 0;
  56. PIPSEC_ISAKMP_OBJECT * ppIpsecISAKMPObjects = NULL;
  57. DWORD dwNumISAKMPObjects = 0;
  60. dwError = UnMarshallRegistryPolicyObject(
  61. hRegistryKey,
  62. pszIpsecRegRootContainer,
  63. pszPolicyDN,
  64. REG_FULLY_QUALIFIED_NAME,
  65. &pIpsecPolicyObject
  66. );
  67. BAIL_ON_WIN32_ERROR(dwError);
  69. dwError = ReadNFAObjectsFromRegistry(
  70. hRegistryKey,
  71. pszIpsecRegRootContainer,
  72. pIpsecPolicyObject->pszIpsecOwnersReference,
  73. pIpsecPolicyObject->ppszIpsecNFAReferences,
  74. pIpsecPolicyObject->NumberofRules,
  75. &ppIpsecNFAObjects,
  76. &dwNumNFAObjectsReturned,
  77. &ppszFilterReferences,
  78. &dwNumFilterReferences,
  79. &ppszNegPolReferences,
  80. &dwNumNegPolReferences
  81. );
  82. BAIL_ON_WIN32_ERROR(dwError);
  85. dwError = ReadFilterObjectsFromRegistry(
  86. hRegistryKey,
  87. pszIpsecRegRootContainer,
  88. ppszFilterReferences,
  89. dwNumFilterReferences,
  90. &ppIpsecFilterObjects,
  91. &dwNumFilterObjects
  92. );
  93. BAIL_ON_WIN32_ERROR(dwError);
  96. dwError = ReadNegPolObjectsFromRegistry(
  97. hRegistryKey,
  98. pszIpsecRegRootContainer,
  99. ppszNegPolReferences,
  100. dwNumNegPolReferences,
  101. &ppIpsecNegPolObjects,
  102. &dwNumNegPolObjects
  103. );
  104. BAIL_ON_WIN32_ERROR(dwError);
  107. dwError = ReadISAKMPObjectsFromRegistry(
  108. hRegistryKey,
  109. pszIpsecRegRootContainer,
  110. &pIpsecPolicyObject->pszIpsecISAKMPReference,
  111. 1,
  112. &ppIpsecISAKMPObjects,
  113. &dwNumISAKMPObjects
  114. );
  115. BAIL_ON_WIN32_ERROR(dwError);
  118. pIpsecPolicyObject->ppIpsecNFAObjects = ppIpsecNFAObjects;
  119. pIpsecPolicyObject->NumberofRulesReturned = dwNumNFAObjectsReturned;
  120. pIpsecPolicyObject->NumberofFilters = dwNumFilterObjects;
  121. pIpsecPolicyObject->ppIpsecFilterObjects = ppIpsecFilterObjects;
  122. pIpsecPolicyObject->ppIpsecNegPolObjects = ppIpsecNegPolObjects;
  123. pIpsecPolicyObject->NumberofNegPols = dwNumNegPolObjects;
  124. pIpsecPolicyObject->NumberofISAKMPs = dwNumISAKMPObjects;
  125. pIpsecPolicyObject->ppIpsecISAKMPObjects = ppIpsecISAKMPObjects;
  128. *ppIpsecPolicyObject = pIpsecPolicyObject;
  130. cleanup:
  132. if (ppszFilterReferences) {
  134. FreeFilterReferences(
  135. ppszFilterReferences,
  136. dwNumFilterReferences
  137. );
  138. }
  140. if (ppszNegPolReferences) {
  142. FreeNegPolReferences(
  143. ppszNegPolReferences,
  144. dwNumNegPolReferences
  145. );
  146. }
  149. return(dwError);
  151. error:
  153. if (pIpsecPolicyObject) {
  154. FreeIpsecPolicyObject(
  155. pIpsecPolicyObject
  156. );
  157. }
  159. *ppIpsecPolicyObject = NULL;
  162. goto cleanup;
  164. }
  166. DWORD
  167. ReadNFAObjectsFromRegistry(
  168. HKEY hRegistryKey,
  169. LPWSTR pszIpsecRootContainer,
  170. LPWSTR pszIpsecOwnerReference,
  171. LPWSTR * ppszNFADNs,
  172. DWORD dwNumNfaObjects,
  173. PIPSEC_NFA_OBJECT ** pppIpsecNFAObjects,
  174. PDWORD pdwNumNfaObjects,
  175. LPWSTR ** pppszFilterReferences,
  176. PDWORD pdwNumFilterReferences,
  177. LPWSTR ** pppszNegPolReferences,
  178. PDWORD pdwNumNegPolReferences
  179. )
  180. {
  182. DWORD dwError = 0;
  183. DWORD i = 0;
  184. PIPSEC_NFA_OBJECT pIpsecNFAObject = NULL;
  185. PIPSEC_NFA_OBJECT * ppIpsecNFAObjects = NULL;
  186. LPWSTR * ppszFilterReferences = NULL;
  187. LPWSTR * ppszNegPolReferences = NULL;
  188. LPWSTR pszFilterReference = NULL;
  189. LPWSTR pszNegPolReference = NULL;
  190. DWORD dwNumFilterReferences = 0;
  191. DWORD dwNumNegPolReferences = 0;
  192. BOOL bNewNegPolReference = TRUE;
  194. DWORD dwNumNFAObjectsReturned = 0;
  196. *pppszNegPolReferences = NULL;
  197. *pdwNumFilterReferences = 0;
  198. *pppszFilterReferences = NULL;
  199. *pdwNumNegPolReferences = 0;
  200. *pppIpsecNFAObjects = NULL;
  201. *pdwNumNfaObjects = 0;
  203. ppIpsecNFAObjects = (PIPSEC_NFA_OBJECT *)AllocPolMem(
  204. sizeof(PIPSEC_NFA_OBJECT)*dwNumNfaObjects
  205. );
  206. if (!ppIpsecNFAObjects) {
  207. dwError = ERROR_OUTOFMEMORY;
  208. BAIL_ON_WIN32_ERROR(dwError);
  209. }
  212. ppszFilterReferences = (LPWSTR *)AllocPolMem(
  213. sizeof(LPWSTR)*dwNumNfaObjects
  214. );
  215. if (!ppszFilterReferences) {
  216. dwError = ERROR_OUTOFMEMORY;
  217. BAIL_ON_WIN32_ERROR(dwError);
  218. }
  220. ppszNegPolReferences = (LPWSTR *)AllocPolMem(
  221. sizeof(LPWSTR)*dwNumNfaObjects
  222. );
  223. if (!ppszNegPolReferences) {
  224. dwError = ERROR_OUTOFMEMORY;
  225. BAIL_ON_WIN32_ERROR(dwError);
  226. }
  229. for (i = 0; i < dwNumNfaObjects; i++) {
  232. dwError =UnMarshallRegistryNFAObject(
  233. hRegistryKey,
  234. pszIpsecRootContainer,
  235. *(ppszNFADNs + i),
  236. &pIpsecNFAObject,
  237. &pszFilterReference,
  238. &pszNegPolReference
  239. );
  241. if (dwError == ERROR_SUCCESS) {
  243. *(ppIpsecNFAObjects + dwNumNFAObjectsReturned) = pIpsecNFAObject;
  245. if (pszFilterReference) {
  247. *(ppszFilterReferences + dwNumFilterReferences) = pszFilterReference;
  248. dwNumFilterReferences++;
  250. }
  252. if (pszNegPolReference) {
  253. bNewNegPolReference = !(IsStringInArray(
  254. ppszNegPolReferences,
  255. pszNegPolReference,
  256. dwNumNegPolReferences
  257. ));
  259. if (bNewNegPolReference) {
  260. *(ppszNegPolReferences + dwNumNegPolReferences) = pszNegPolReference;
  261. dwNumNegPolReferences++;
  262. } else {
  263. FreePolStr(pszNegPolReference);
  264. pszNegPolReference = NULL;
  265. }
  266. }
  268. dwNumNFAObjectsReturned++;
  270. }
  272. }
  274. if (dwNumNFAObjectsReturned == 0) {
  275. dwError = ERROR_INVALID_DATA;
  276. BAIL_ON_WIN32_ERROR(dwError);
  277. }
  279. *pppszFilterReferences = ppszFilterReferences;
  280. *pppszNegPolReferences = ppszNegPolReferences;
  282. *pppIpsecNFAObjects = ppIpsecNFAObjects;
  283. *pdwNumNfaObjects = dwNumNFAObjectsReturned;
  284. *pdwNumNegPolReferences = dwNumNegPolReferences;
  285. *pdwNumFilterReferences = dwNumFilterReferences;
  290. dwError = ERROR_SUCCESS;
  292. cleanup:
  294. return(dwError);
  296. error:
  298. if (ppszNegPolReferences) {
  299. FreeNegPolReferences(
  300. ppszNegPolReferences,
  301. dwNumNFAObjectsReturned
  302. );
  303. }
  306. if (ppszFilterReferences) {
  307. FreeFilterReferences(
  308. ppszFilterReferences,
  309. dwNumNFAObjectsReturned
  310. );
  311. }
  313. if (ppIpsecNFAObjects) {
  315. FreeIpsecNFAObjects(
  316. ppIpsecNFAObjects,
  317. dwNumNFAObjectsReturned
  318. );
  320. }
  322. *pppszNegPolReferences = NULL;
  323. *pppszFilterReferences = NULL;
  324. *pppIpsecNFAObjects = NULL;
  325. *pdwNumNfaObjects = 0;
  326. *pdwNumNegPolReferences = 0;
  327. *pdwNumFilterReferences = 0;
  329. goto cleanup;
  330. }
  333. DWORD
  334. ReadFilterObjectsFromRegistry(
  335. HKEY hRegistryKey,
  336. LPWSTR pszIpsecRootContainer,
  337. LPWSTR * ppszFilterDNs,
  338. DWORD dwNumFilterObjects,
  339. PIPSEC_FILTER_OBJECT ** pppIpsecFilterObjects,
  340. PDWORD pdwNumFilterObjects
  341. )
  342. {
  344. DWORD dwError = 0;
  345. DWORD i = 0;
  346. DWORD dwCount = 0;
  347. PIPSEC_FILTER_OBJECT pIpsecFilterObject = NULL;
  348. PIPSEC_FILTER_OBJECT * ppIpsecFilterObjects = NULL;
  350. DWORD dwNumFilterObjectsReturned = 0;
  353. *pppIpsecFilterObjects = NULL;
  354. *pdwNumFilterObjects = 0;
  356. ppIpsecFilterObjects = (PIPSEC_FILTER_OBJECT *)AllocPolMem(
  357. sizeof(PIPSEC_FILTER_OBJECT)*dwNumFilterObjects
  358. );
  359. if (!ppIpsecFilterObjects) {
  360. dwError = ERROR_OUTOFMEMORY;
  361. BAIL_ON_WIN32_ERROR(dwError);
  362. }
  365. for (i = 0; i < dwNumFilterObjects; i++) {
  367. dwError =UnMarshallRegistryFilterObject(
  368. hRegistryKey,
  369. pszIpsecRootContainer,
  370. *(ppszFilterDNs + i),
  371. REG_FULLY_QUALIFIED_NAME,
  372. &pIpsecFilterObject
  373. );
  374. if (dwError == ERROR_SUCCESS) {
  376. *(ppIpsecFilterObjects + dwNumFilterObjectsReturned) = pIpsecFilterObject;
  377. dwNumFilterObjectsReturned++;
  379. }
  382. }
  384. *pppIpsecFilterObjects = ppIpsecFilterObjects;
  385. *pdwNumFilterObjects = dwNumFilterObjectsReturned;
  387. dwError = ERROR_SUCCESS;
  389. return(dwError);
  391. error:
  394. if (ppIpsecFilterObjects) {
  396. FreeIpsecFilterObjects(
  397. ppIpsecFilterObjects,
  398. dwNumFilterObjectsReturned
  399. );
  400. }
  402. *pppIpsecFilterObjects = NULL;
  403. *pdwNumFilterObjects = 0;
  406. return(dwError);
  407. }
  411. DWORD
  412. ReadNegPolObjectsFromRegistry(
  413. HKEY hRegistryKey,
  414. LPWSTR pszIpsecRootContainer,
  415. LPWSTR * ppszNegPolDNs,
  416. DWORD dwNumNegPolObjects,
  417. PIPSEC_NEGPOL_OBJECT ** pppIpsecNegPolObjects,
  418. PDWORD pdwNumNegPolObjects
  419. )
  420. {
  422. DWORD dwError = 0;
  423. DWORD i = 0;
  424. DWORD dwCount = 0;
  425. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  426. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL;
  428. DWORD dwNumNegPolObjectsReturned = 0;
  431. *pppIpsecNegPolObjects = NULL;
  432. *pdwNumNegPolObjects = 0;
  434. ppIpsecNegPolObjects = (PIPSEC_NEGPOL_OBJECT *)AllocPolMem(
  435. sizeof(PIPSEC_NEGPOL_OBJECT)*dwNumNegPolObjects
  436. );
  437. if (!ppIpsecNegPolObjects) {
  438. dwError = ERROR_OUTOFMEMORY;
  439. BAIL_ON_WIN32_ERROR(dwError);
  440. }
  443. for (i = 0; i < dwNumNegPolObjects; i++) {
  445. dwError =UnMarshallRegistryNegPolObject(
  446. hRegistryKey,
  447. pszIpsecRootContainer,
  448. *(ppszNegPolDNs + i),
  449. REG_FULLY_QUALIFIED_NAME,
  450. &pIpsecNegPolObject
  451. );
  452. if (dwError == ERROR_SUCCESS) {
  454. *(ppIpsecNegPolObjects + dwNumNegPolObjectsReturned) = pIpsecNegPolObject;
  455. dwNumNegPolObjectsReturned++;
  457. }
  460. }
  462. if (dwNumNegPolObjectsReturned == 0) {
  463. dwError = ERROR_INVALID_DATA;
  464. BAIL_ON_WIN32_ERROR(dwError);
  465. }
  467. *pppIpsecNegPolObjects = ppIpsecNegPolObjects;
  468. *pdwNumNegPolObjects = dwNumNegPolObjectsReturned;
  470. dwError = ERROR_SUCCESS;
  472. return(dwError);
  474. error:
  477. if (ppIpsecNegPolObjects) {
  479. FreeIpsecNegPolObjects(
  480. ppIpsecNegPolObjects,
  481. dwNumNegPolObjectsReturned
  482. );
  483. }
  485. *pppIpsecNegPolObjects = NULL;
  486. *pdwNumNegPolObjects = 0;
  489. return(dwError);
  490. }
  492. DWORD
  493. ReadISAKMPObjectsFromRegistry(
  494. HKEY hRegistryKey,
  495. LPWSTR pszIpsecRootContainer,
  496. LPWSTR * ppszISAKMPDNs,
  497. DWORD dwNumISAKMPObjects,
  498. PIPSEC_ISAKMP_OBJECT ** pppIpsecISAKMPObjects,
  499. PDWORD pdwNumISAKMPObjects
  500. )
  501. {
  503. DWORD dwError = 0;
  504. DWORD i = 0;
  505. DWORD dwCount = 0;
  506. PIPSEC_ISAKMP_OBJECT pIpsecISAKMPObject = NULL;
  507. PIPSEC_ISAKMP_OBJECT * ppIpsecISAKMPObjects = NULL;
  509. DWORD dwNumISAKMPObjectsReturned = 0;
  512. *pppIpsecISAKMPObjects = NULL;
  513. *pdwNumISAKMPObjects = 0;
  515. ppIpsecISAKMPObjects = (PIPSEC_ISAKMP_OBJECT *)AllocPolMem(
  516. sizeof(PIPSEC_ISAKMP_OBJECT)*dwNumISAKMPObjects
  517. );
  518. if (!ppIpsecISAKMPObjects) {
  519. dwError = ERROR_OUTOFMEMORY;
  520. BAIL_ON_WIN32_ERROR(dwError);
  521. }
  524. for (i = 0; i < dwNumISAKMPObjects; i++) {
  526. dwError =UnMarshallRegistryISAKMPObject(
  527. hRegistryKey,
  528. pszIpsecRootContainer,
  529. *(ppszISAKMPDNs + i),
  530. REG_FULLY_QUALIFIED_NAME,
  531. &pIpsecISAKMPObject
  532. );
  533. if (dwError == ERROR_SUCCESS) {
  535. *(ppIpsecISAKMPObjects + dwNumISAKMPObjectsReturned) = pIpsecISAKMPObject;
  536. dwNumISAKMPObjectsReturned++;
  538. }
  541. }
  543. if (dwNumISAKMPObjectsReturned == 0) {
  544. dwError = ERROR_INVALID_DATA;
  545. BAIL_ON_WIN32_ERROR(dwError);
  546. }
  548. *pppIpsecISAKMPObjects = ppIpsecISAKMPObjects;
  549. *pdwNumISAKMPObjects = dwNumISAKMPObjectsReturned;
  551. dwError = ERROR_SUCCESS;
  553. return(dwError);
  555. error:
  558. if (ppIpsecISAKMPObjects) {
  560. FreeIpsecISAKMPObjects(
  561. ppIpsecISAKMPObjects,
  562. dwNumISAKMPObjectsReturned
  563. );
  564. }
  566. *pppIpsecISAKMPObjects = NULL;
  567. *pdwNumISAKMPObjects = 0;
  570. return(dwError);
  571. }
  575. DWORD
  576. UnMarshallRegistryPolicyObject(
  577. HKEY hRegistryKey,
  578. LPWSTR pszIpsecRegRootContainer,
  579. LPWSTR pszIpsecPolicyDN,
  580. DWORD dwNameType,
  581. PIPSEC_POLICY_OBJECT * ppIpsecPolicyObject
  582. )
  583. {
  585. PIPSEC_POLICY_OBJECT pIpsecPolicyObject = NULL;
  586. HKEY hRegKey = NULL;
  587. DWORD dwType = 0;
  588. DWORD dwSize = 0;
  589. DWORD dwIpsecDataType = 0;
  590. DWORD dwWhenChanged = 0;
  591. LPBYTE pBuffer = NULL;
  593. DWORD i = 0;
  594. DWORD dwCount = 0;
  595. DWORD dwError = 0;
  596. LPWSTR * ppszIpsecNFANames = NULL;
  597. LPWSTR pszIpsecNFAName = NULL;
  598. LPWSTR pszTemp = NULL;
  599. LPWSTR pszString = NULL;
  600. LPWSTR pszIpsecNFAReference = NULL;
  601. LPWSTR pszRelativeName = NULL;
  602. DWORD dwRootPathLen = 0;
  605. if (!pszIpsecPolicyDN || !*pszIpsecPolicyDN) {
  606. dwError = ERROR_INVALID_DATA;
  607. BAIL_ON_WIN32_ERROR(dwError);
  608. }
  610. if (dwNameType == REG_FULLY_QUALIFIED_NAME) {
  611. dwRootPathLen = wcslen(pszIpsecRegRootContainer);
  612. if (wcslen(pszIpsecPolicyDN) <= (dwRootPathLen+1)) {
  613. dwError = ERROR_INVALID_DATA;
  614. BAIL_ON_WIN32_ERROR(dwError);
  615. }
  616. pszRelativeName = pszIpsecPolicyDN + dwRootPathLen + 1;
  617. }else {
  618. pszRelativeName = pszIpsecPolicyDN;
  619. }
  621. dwError = RegOpenKeyExW(
  622. hRegistryKey,
  623. pszRelativeName,
  624. 0,
  625. KEY_ALL_ACCESS,
  626. &hRegKey
  627. );
  628. BAIL_ON_WIN32_ERROR(dwError);
  630. pIpsecPolicyObject = (PIPSEC_POLICY_OBJECT)AllocPolMem(
  631. sizeof(IPSEC_POLICY_OBJECT)
  632. );
  633. if (!pIpsecPolicyObject) {
  634. dwError = ERROR_OUTOFMEMORY;
  635. BAIL_ON_WIN32_ERROR(dwError);
  636. }
  638. /*
  639. dwError = RegstoreQueryValue(
  640. hRegKey,
  641. L"distinguishedName",
  642. REG_SZ,
  643. (LPBYTE *)&pIpsecPolicyObject->pszIpsecOwnersReference,
  644. &dwSize
  645. );
  646. BAIL_ON_WIN32_ERROR(dwError);
  647. */
  650. pIpsecPolicyObject->pszIpsecOwnersReference = AllocPolStr(
  651. pszIpsecPolicyDN
  652. );
  653. if (!pIpsecPolicyObject->pszIpsecOwnersReference) {
  654. dwError = ERROR_OUTOFMEMORY;
  655. BAIL_ON_WIN32_ERROR(dwError);
  656. }
  660. dwError = RegstoreQueryValue(
  661. hRegKey,
  662. L"ipsecName",
  663. REG_SZ,
  664. (LPBYTE *)&pIpsecPolicyObject->pszIpsecName,
  665. &dwSize
  666. );
  667. BAIL_ON_WIN32_ERROR(dwError);
  670. dwError = RegstoreQueryValue(
  671. hRegKey,
  672. L"description",
  673. REG_SZ,
  674. (LPBYTE *)&pIpsecPolicyObject->pszDescription,
  675. &dwSize
  676. );
  677. // BAIL_ON_WIN32_ERROR(dwError);
  680. dwError = RegstoreQueryValue(
  681. hRegKey,
  682. L"ipsecID",
  683. REG_SZ,
  684. (LPBYTE *)&pIpsecPolicyObject->pszIpsecID,
  685. &dwSize
  686. );
  687. BAIL_ON_WIN32_ERROR(dwError);
  690. dwType = REG_DWORD;
  691. dwSize = sizeof(DWORD);
  692. dwError = RegQueryValueExW(
  693. hRegKey,
  694. L"ipsecDataType",
  695. NULL,
  696. &dwType,
  697. (LPBYTE)&dwIpsecDataType,
  698. &dwSize
  699. );
  700. BAIL_ON_WIN32_ERROR(dwError);
  702. pIpsecPolicyObject->dwIpsecDataType = dwIpsecDataType;
  705. dwError = RegstoreQueryValue(
  706. hRegKey,
  707. L"ipsecData",
  708. REG_BINARY,
  709. &pIpsecPolicyObject->pIpsecData,
  710. &pIpsecPolicyObject->dwIpsecDataLen
  711. );
  712. BAIL_ON_WIN32_ERROR(dwError);
  715. dwError = RegstoreQueryValue(
  716. hRegKey,
  717. L"ipsecISAKMPReference",
  718. REG_SZ,
  719. (LPBYTE *)&pIpsecPolicyObject->pszIpsecISAKMPReference,
  720. &dwSize
  721. );
  722. BAIL_ON_WIN32_ERROR(dwError);
  725. dwError = RegstoreQueryValue(
  726. hRegKey,
  727. L"ipsecNFAReference",
  728. REG_MULTI_SZ,
  729. (LPBYTE *)&pszIpsecNFAReference,
  730. &dwSize
  731. );
  732. BAIL_ON_WIN32_ERROR(dwError);
  734. pszTemp = pszIpsecNFAReference;
  735. while (*pszTemp != L'\0') {
  737. pszTemp += wcslen(pszTemp) + 1;
  738. dwCount++;
  739. }
  742. ppszIpsecNFANames = (LPWSTR *)AllocPolMem(
  743. sizeof(LPWSTR)*dwCount
  744. );
  745. if (!ppszIpsecNFANames) {
  746. dwError = ERROR_OUTOFMEMORY;
  747. BAIL_ON_WIN32_ERROR(dwError);
  748. }
  750. pszTemp = pszIpsecNFAReference;
  751. for (i = 0; i < dwCount; i++) {
  753. pszString = AllocPolStr(pszTemp);
  754. if (!pszString) {
  755. dwError = ERROR_OUTOFMEMORY;
  756. pIpsecPolicyObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  757. pIpsecPolicyObject->NumberofRules = i;
  758. BAIL_ON_WIN32_ERROR(dwError);
  759. }
  761. *(ppszIpsecNFANames + i) = pszString;
  763. pszTemp += wcslen(pszTemp) + 1; //for the null terminator;
  765. }
  767. if (pszIpsecNFAReference) {
  768. FreePolStr(pszIpsecNFAReference);
  769. }
  771. pIpsecPolicyObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  772. pIpsecPolicyObject->NumberofRules = dwCount;
  774. dwType = REG_DWORD;
  775. dwSize = sizeof(DWORD);
  776. dwError = RegQueryValueExW(
  777. hRegKey,
  778. L"whenChanged",
  779. NULL,
  780. &dwType,
  781. (LPBYTE)&dwWhenChanged,
  782. &dwSize
  783. );
  784. BAIL_ON_WIN32_ERROR(dwError);
  786. pIpsecPolicyObject->dwWhenChanged = dwWhenChanged;
  788. *ppIpsecPolicyObject = pIpsecPolicyObject;
  791. if (hRegKey) {
  792. RegCloseKey(hRegKey);
  793. }
  797. return(dwError);
  799. error:
  801. *ppIpsecPolicyObject = NULL;
  803. if (pszIpsecNFAReference) {
  804. FreePolStr(pszIpsecNFAReference);
  805. }
  807. if (pIpsecPolicyObject) {
  808. FreeIpsecPolicyObject(pIpsecPolicyObject);
  809. }
  812. if (hRegKey) {
  813. RegCloseKey(hRegKey);
  814. }
  818. return(dwError);
  819. }
  821. DWORD
  822. UnMarshallRegistryNFAObject(
  823. HKEY hRegistryKey,
  824. LPWSTR pszIpsecRegRootContainer,
  825. LPWSTR pszIpsecNFAReference,
  826. PIPSEC_NFA_OBJECT * ppIpsecNFAObject,
  827. LPWSTR * ppszFilterReference,
  828. LPWSTR * ppszNegPolReference
  829. )
  830. {
  832. PIPSEC_NFA_OBJECT pIpsecNFAObject = NULL;
  833. HKEY hRegKey = NULL;
  834. DWORD dwType = 0;
  835. DWORD dwSize = 0;
  836. DWORD dwIpsecDataType = 0;
  837. DWORD dwWhenChanged = 0;
  838. LPBYTE pBuffer = NULL;
  840. DWORD i = 0;
  841. DWORD dwCount = 0;
  842. DWORD dwError = 0;
  843. LPWSTR pszTempFilterReference = NULL;
  844. LPWSTR pszTempNegPolReference = NULL;
  846. LPWSTR pszRelativeName = NULL;
  847. DWORD dwRootPathLen = 0;
  849. dwRootPathLen = wcslen(pszIpsecRegRootContainer);
  851. if (!pszIpsecNFAReference || !*pszIpsecNFAReference) {
  852. dwError = ERROR_INVALID_DATA;
  853. BAIL_ON_WIN32_ERROR(dwError);
  854. }
  856. if (wcslen(pszIpsecNFAReference) <= (dwRootPathLen+1)) {
  857. dwError = ERROR_INVALID_DATA;
  858. BAIL_ON_WIN32_ERROR(dwError);
  859. }
  861. pszRelativeName = pszIpsecNFAReference + dwRootPathLen + 1;
  864. dwError = RegOpenKeyExW(
  865. hRegistryKey,
  866. pszRelativeName,
  867. 0,
  868. KEY_ALL_ACCESS,
  869. &hRegKey
  870. );
  871. BAIL_ON_WIN32_ERROR(dwError);
  874. pIpsecNFAObject = (PIPSEC_NFA_OBJECT)AllocPolMem(
  875. sizeof(IPSEC_NFA_OBJECT)
  876. );
  877. if (!pIpsecNFAObject) {
  878. dwError = ERROR_OUTOFMEMORY;
  879. BAIL_ON_WIN32_ERROR(dwError);
  880. }
  882. /*
  883. dwError = RegstoreQueryValue(
  884. hRegKey,
  885. L"distinguishedName",
  886. REG_SZ,
  887. (LPBYTE *)&pIpsecNFAObject->pszDistinguishedName,
  888. &dwSize
  889. );
  890. BAIL_ON_WIN32_ERROR(dwError);
  891. */
  893. pIpsecNFAObject->pszDistinguishedName = AllocPolStr(
  894. pszIpsecNFAReference
  895. );
  896. if (!pIpsecNFAObject->pszDistinguishedName) {
  897. dwError = ERROR_OUTOFMEMORY;
  898. BAIL_ON_WIN32_ERROR(dwError);
  899. }
  901. //
  902. // Client does not always write the Name for an NFA
  903. //
  905. dwError = RegstoreQueryValue(
  906. hRegKey,
  907. L"ipsecName",
  908. REG_SZ,
  909. (LPBYTE *)&pIpsecNFAObject->pszIpsecName,
  910. &dwSize
  911. );
  912. // BAIL_ON_WIN32_ERROR(dwError);
  914. dwError = RegstoreQueryValue(
  915. hRegKey,
  916. L"description",
  917. REG_SZ,
  918. (LPBYTE *)&pIpsecNFAObject->pszDescription,
  919. &dwSize
  920. );
  921. // BAIL_ON_WIN32_ERROR(dwError);
  923. dwError = RegstoreQueryValue(
  924. hRegKey,
  925. L"ipsecID",
  926. REG_SZ,
  927. (LPBYTE *)&pIpsecNFAObject->pszIpsecID,
  928. &dwSize
  929. );
  930. BAIL_ON_WIN32_ERROR(dwError);
  932. dwType = REG_DWORD;
  933. dwSize = sizeof(DWORD);
  934. dwError = RegQueryValueExW(
  935. hRegKey,
  936. L"ipsecDataType",
  937. NULL,
  938. &dwType,
  939. (LPBYTE)&dwIpsecDataType,
  940. &dwSize
  941. );
  942. BAIL_ON_WIN32_ERROR(dwError);
  944. pIpsecNFAObject->dwIpsecDataType = dwIpsecDataType;
  946. //
  947. // unmarshall the ipsecData blob
  948. //
  950. dwError = RegstoreQueryValue(
  951. hRegKey,
  952. L"ipsecData",
  953. REG_BINARY,
  954. &pIpsecNFAObject->pIpsecData,
  955. &pIpsecNFAObject->dwIpsecDataLen
  956. );
  957. BAIL_ON_WIN32_ERROR(dwError);
  959. dwError = RegstoreQueryValue(
  960. hRegKey,
  961. L"ipsecOwnersReference",
  962. REG_SZ,
  963. (LPBYTE *)&pIpsecNFAObject->pszIpsecOwnersReference,
  964. &dwSize
  965. );
  966. // BAIL_ON_WIN32_ERROR(dwError);
  969. dwError = RegstoreQueryValue(
  970. hRegKey,
  971. L"ipsecNegotiationPolicyReference",
  972. REG_SZ,
  973. (LPBYTE *)&pIpsecNFAObject->pszIpsecNegPolReference,
  974. &dwSize
  975. );
  976. BAIL_ON_WIN32_ERROR(dwError);
  979. dwError = RegstoreQueryValue(
  980. hRegKey,
  981. L"ipsecFilterReference",
  982. REG_SZ,
  983. (LPBYTE *)&pIpsecNFAObject->pszIpsecFilterReference,
  984. &dwSize
  985. );
  986. // BAIL_ON_WIN32_ERROR(dwError);
  988. dwType = REG_DWORD;
  989. dwSize = sizeof(DWORD);
  990. dwError = RegQueryValueExW(
  991. hRegKey,
  992. L"whenChanged",
  993. NULL,
  994. &dwType,
  995. (LPBYTE)&dwWhenChanged,
  996. &dwSize
  997. );
  998. BAIL_ON_WIN32_ERROR(dwError);
  1000. pIpsecNFAObject->dwWhenChanged = dwWhenChanged;
  1002. if (pIpsecNFAObject->pszIpsecFilterReference && *(pIpsecNFAObject->pszIpsecFilterReference)) {
  1003. pszTempFilterReference = AllocPolStr(
  1004. pIpsecNFAObject->pszIpsecFilterReference
  1005. );
  1006. if (!pszTempFilterReference) {
  1007. dwError = ERROR_OUTOFMEMORY;
  1008. BAIL_ON_WIN32_ERROR(dwError);
  1009. }
  1010. }
  1011. pszTempNegPolReference = AllocPolStr(
  1012. pIpsecNFAObject->pszIpsecNegPolReference
  1013. );
  1014. if (!pszTempNegPolReference) {
  1015. dwError = ERROR_OUTOFMEMORY;
  1016. BAIL_ON_WIN32_ERROR(dwError);
  1017. }
  1019. *ppszFilterReference = pszTempFilterReference;
  1020. *ppszNegPolReference = pszTempNegPolReference;
  1022. *ppIpsecNFAObject = pIpsecNFAObject;
  1025. cleanup:
  1027. if (hRegKey) {
  1028. RegCloseKey(hRegKey);
  1029. }
  1032. return(dwError);
  1034. error:
  1036. if (pIpsecNFAObject) {
  1038. FreeIpsecNFAObject(pIpsecNFAObject);
  1040. }
  1042. if (pszTempFilterReference) {
  1043. FreePolStr(pszTempFilterReference);
  1044. }
  1046. if (pszTempNegPolReference) {
  1047. FreePolStr(pszTempNegPolReference);
  1048. }
  1050. *ppIpsecNFAObject = NULL;
  1051. *ppszFilterReference = NULL;
  1052. *ppszNegPolReference = NULL;
  1054. goto cleanup;
  1055. }
  1058. DWORD
  1059. UnMarshallRegistryFilterObject(
  1060. HKEY hRegistryKey,
  1061. LPWSTR pszIpsecRegRootContainer,
  1062. LPWSTR pszIpsecFilterReference,
  1063. DWORD dwNameType,
  1064. PIPSEC_FILTER_OBJECT * ppIpsecFilterObject
  1065. )
  1066. {
  1068. PIPSEC_FILTER_OBJECT pIpsecFilterObject = NULL;
  1069. HKEY hRegKey = NULL;
  1070. DWORD dwType = 0;
  1071. DWORD dwSize = 0;
  1072. DWORD dwIpsecDataType = 0;
  1073. DWORD dwWhenChanged = 0;
  1074. LPBYTE pBuffer = NULL;
  1076. DWORD dwCount = 0;
  1077. DWORD i = 0;
  1078. LPWSTR * ppszIpsecNFANames = NULL;
  1079. LPWSTR pszString = NULL;
  1081. LPWSTR pszIpsecNFAReference = NULL;
  1082. LPWSTR pszTemp = NULL;
  1084. DWORD dwError = 0;
  1085. LPWSTR pszRelativeName = NULL;
  1086. DWORD dwRootPathLen = 0;
  1088. if (!pszIpsecFilterReference || !*pszIpsecFilterReference) {
  1089. dwError = ERROR_INVALID_DATA;
  1090. BAIL_ON_WIN32_ERROR(dwError);
  1091. }
  1093. if (dwNameType == REG_FULLY_QUALIFIED_NAME) {
  1094. dwRootPathLen = wcslen(pszIpsecRegRootContainer);
  1095. if (wcslen(pszIpsecFilterReference) <= (dwRootPathLen+1)) {
  1096. dwError = ERROR_INVALID_DATA;
  1097. BAIL_ON_WIN32_ERROR(dwError);
  1098. }
  1099. pszRelativeName = pszIpsecFilterReference + dwRootPathLen + 1;
  1100. }else {
  1101. pszRelativeName = pszIpsecFilterReference;
  1102. }
  1105. dwError = RegOpenKeyExW(
  1106. hRegistryKey,
  1107. pszRelativeName,
  1108. 0,
  1109. KEY_ALL_ACCESS,
  1110. &hRegKey
  1111. );
  1112. BAIL_ON_WIN32_ERROR(dwError);
  1115. pIpsecFilterObject = (PIPSEC_FILTER_OBJECT)AllocPolMem(
  1116. sizeof(IPSEC_FILTER_OBJECT)
  1117. );
  1118. if (!pIpsecFilterObject) {
  1119. dwError = ERROR_OUTOFMEMORY;
  1120. BAIL_ON_WIN32_ERROR(dwError);
  1121. }
  1123. /*
  1124. dwError = RegstoreQueryValue(
  1125. hRegKey,
  1126. L"distinguishedName",
  1127. REG_SZ,
  1128. (LPBYTE *)&pIpsecFilterObject->pszDistinguishedName,
  1129. &dwSize
  1130. );
  1131. BAIL_ON_WIN32_ERROR(dwError);
  1132. */
  1134. pIpsecFilterObject->pszDistinguishedName = AllocPolStr(
  1135. pszIpsecFilterReference
  1136. );
  1137. if (!pIpsecFilterObject->pszDistinguishedName) {
  1138. dwError = ERROR_OUTOFMEMORY;
  1139. BAIL_ON_WIN32_ERROR(dwError);
  1140. }
  1142. dwError = RegstoreQueryValue(
  1143. hRegKey,
  1144. L"description",
  1145. REG_SZ,
  1146. (LPBYTE *)&pIpsecFilterObject->pszDescription,
  1147. &dwSize
  1148. );
  1149. //BAIL_ON_WIN32_ERROR(dwError);
  1151. dwError = RegstoreQueryValue(
  1152. hRegKey,
  1153. L"ipsecName",
  1154. REG_SZ,
  1155. (LPBYTE *)&pIpsecFilterObject->pszIpsecName,
  1156. &dwSize
  1157. );
  1158. //BAIL_ON_WIN32_ERROR(dwError);
  1160. dwError = RegstoreQueryValue(
  1161. hRegKey,
  1162. L"ipsecID",
  1163. REG_SZ,
  1164. (LPBYTE *)&pIpsecFilterObject->pszIpsecID,
  1165. &dwSize
  1166. );
  1167. BAIL_ON_WIN32_ERROR(dwError);
  1169. dwType = REG_DWORD,
  1170. dwSize = sizeof(DWORD);
  1171. dwError = RegQueryValueExW(
  1172. hRegKey,
  1173. L"ipsecDataType",
  1174. NULL,
  1175. &dwType,
  1176. (LPBYTE)&dwIpsecDataType,
  1177. &dwSize
  1178. );
  1179. BAIL_ON_WIN32_ERROR(dwError);
  1181. pIpsecFilterObject->dwIpsecDataType = dwIpsecDataType;
  1184. //
  1185. // unmarshall the ipsecData blob
  1186. //
  1188. dwError = RegstoreQueryValue(
  1189. hRegKey,
  1190. L"ipsecData",
  1191. dwType,
  1192. &pIpsecFilterObject->pIpsecData,
  1193. &pIpsecFilterObject->dwIpsecDataLen
  1194. );
  1195. BAIL_ON_WIN32_ERROR(dwError);
  1197. //
  1198. // Owner's reference
  1199. //
  1201. dwError = RegstoreQueryValue(
  1202. hRegKey,
  1203. L"ipsecOwnersReference",
  1204. REG_MULTI_SZ,
  1205. (LPBYTE *)&pszIpsecNFAReference,
  1206. &dwSize
  1207. );
  1208. //BAIL_ON_WIN32_ERROR(dwError);
  1210. if (!dwError) {
  1212. pszTemp = pszIpsecNFAReference;
  1213. while (*pszTemp != L'\0') {
  1215. pszTemp += wcslen(pszTemp) + 1;
  1216. dwCount++;
  1217. }
  1220. ppszIpsecNFANames = (LPWSTR *)AllocPolMem(
  1221. sizeof(LPWSTR)*dwCount
  1222. );
  1223. if (!ppszIpsecNFANames) {
  1224. dwError = ERROR_OUTOFMEMORY;
  1225. BAIL_ON_WIN32_ERROR(dwError);
  1226. }
  1228. pszTemp = pszIpsecNFAReference;
  1229. for (i = 0; i < dwCount; i++) {
  1231. pszString = AllocPolStr(pszTemp);
  1232. if (!pszString) {
  1233. dwError = ERROR_OUTOFMEMORY;
  1234. pIpsecFilterObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1235. pIpsecFilterObject->dwNFACount = i;
  1237. if (pszIpsecNFAReference) {
  1238. FreePolStr(pszIpsecNFAReference);
  1239. }
  1241. BAIL_ON_WIN32_ERROR(dwError);
  1243. }
  1245. *(ppszIpsecNFANames + i) = pszString;
  1247. pszTemp += wcslen(pszTemp) + 1; //for the null terminator;
  1249. }
  1250. if (pszIpsecNFAReference) {
  1251. FreePolStr(pszIpsecNFAReference);
  1252. }
  1255. pIpsecFilterObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1256. pIpsecFilterObject->dwNFACount = dwCount;
  1259. }
  1261. dwType = REG_DWORD;
  1262. dwSize = sizeof(DWORD);
  1263. dwError = RegQueryValueExW(
  1264. hRegKey,
  1265. L"whenChanged",
  1266. NULL,
  1267. &dwType,
  1268. (LPBYTE)&dwWhenChanged,
  1269. &dwSize
  1270. );
  1271. BAIL_ON_WIN32_ERROR(dwError);
  1273. pIpsecFilterObject->dwWhenChanged = dwWhenChanged;
  1276. *ppIpsecFilterObject = pIpsecFilterObject;
  1279. cleanup:
  1281. if (hRegKey) {
  1283. RegCloseKey(hRegKey);
  1284. }
  1286. return(dwError);
  1288. error:
  1290. if (pIpsecFilterObject) {
  1292. FreeIpsecFilterObject(pIpsecFilterObject);
  1294. }
  1296. *ppIpsecFilterObject = NULL;
  1298. goto cleanup;
  1299. }
  1302. DWORD
  1303. UnMarshallRegistryNegPolObject(
  1304. HKEY hRegistryKey,
  1305. LPWSTR pszIpsecRegRootContainer,
  1306. LPWSTR pszIpsecNegPolReference,
  1307. DWORD dwNameType,
  1308. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObject
  1309. )
  1310. {
  1312. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  1313. HKEY hRegKey = NULL;
  1314. DWORD dwType = 0;
  1315. DWORD dwSize = 0;
  1316. DWORD dwIpsecDataType = 0;
  1317. DWORD dwWhenChanged = 0;
  1318. LPBYTE pBuffer = NULL;
  1320. DWORD dwCount = 0;
  1321. DWORD i = 0;
  1322. LPWSTR * ppszIpsecNFANames = NULL;
  1323. LPWSTR pszString = NULL;
  1325. LPWSTR pszIpsecNFAReference = NULL;
  1326. LPWSTR pszTemp = NULL;
  1328. DWORD dwError = 0;
  1330. LPWSTR pszRelativeName = NULL;
  1331. DWORD dwRootPathLen = 0;
  1333. if (!pszIpsecNegPolReference || !*pszIpsecNegPolReference) {
  1334. dwError = ERROR_INVALID_DATA;
  1335. BAIL_ON_WIN32_ERROR(dwError);
  1336. }
  1338. if (dwNameType == REG_FULLY_QUALIFIED_NAME) {
  1339. dwRootPathLen = wcslen(pszIpsecRegRootContainer);
  1340. if (wcslen(pszIpsecNegPolReference) <= (dwRootPathLen+1)) {
  1341. dwError = ERROR_INVALID_DATA;
  1342. BAIL_ON_WIN32_ERROR(dwError);
  1343. }
  1344. pszRelativeName = pszIpsecNegPolReference + dwRootPathLen + 1;
  1345. }else {
  1346. pszRelativeName = pszIpsecNegPolReference;
  1347. }
  1349. dwError = RegOpenKeyExW(
  1350. hRegistryKey,
  1351. pszRelativeName,
  1352. 0,
  1353. KEY_ALL_ACCESS,
  1354. &hRegKey
  1355. );
  1356. BAIL_ON_WIN32_ERROR(dwError);
  1359. pIpsecNegPolObject = (PIPSEC_NEGPOL_OBJECT)AllocPolMem(
  1360. sizeof(IPSEC_NEGPOL_OBJECT)
  1361. );
  1362. if (!pIpsecNegPolObject) {
  1363. dwError = ERROR_OUTOFMEMORY;
  1364. BAIL_ON_WIN32_ERROR(dwError);
  1365. }
  1367. /*
  1368. dwError = RegstoreQueryValue(
  1369. hRegKey,
  1370. L"distinguishedName",
  1371. REG_SZ,
  1372. (LPBYTE *)&pIpsecNegPolObject->pszDistinguishedName,
  1373. &dwSize
  1374. );
  1375. BAIL_ON_WIN32_ERROR(dwError);
  1376. */
  1378. pIpsecNegPolObject->pszDistinguishedName = AllocPolStr(
  1379. pszIpsecNegPolReference
  1380. );
  1381. if (!pIpsecNegPolObject->pszDistinguishedName) {
  1382. dwError = ERROR_OUTOFMEMORY;
  1383. BAIL_ON_WIN32_ERROR(dwError);
  1384. }
  1386. //
  1387. // Names do not get written on an NegPol Object
  1388. //
  1390. dwError = RegstoreQueryValue(
  1391. hRegKey,
  1392. L"ipsecName",
  1393. REG_SZ,
  1394. (LPBYTE *)&pIpsecNegPolObject->pszIpsecName,
  1395. &dwSize
  1396. );
  1397. // BAIL_ON_WIN32_ERROR(dwError);
  1400. dwError = RegstoreQueryValue(
  1401. hRegKey,
  1402. L"description",
  1403. REG_SZ,
  1404. (LPBYTE *)&pIpsecNegPolObject->pszDescription,
  1405. &dwSize
  1406. );
  1407. // BAIL_ON_WIN32_ERROR(dwError);
  1411. dwError = RegstoreQueryValue(
  1412. hRegKey,
  1413. L"ipsecID",
  1414. REG_SZ,
  1415. (LPBYTE *)&pIpsecNegPolObject->pszIpsecID,
  1416. &dwSize
  1417. );
  1418. BAIL_ON_WIN32_ERROR(dwError);
  1420. dwError = RegstoreQueryValue(
  1421. hRegKey,
  1422. L"ipsecNegotiationPolicyAction",
  1423. REG_SZ,
  1424. (LPBYTE *)&pIpsecNegPolObject->pszIpsecNegPolAction,
  1425. &dwSize
  1426. );
  1427. BAIL_ON_WIN32_ERROR(dwError);
  1429. dwError = RegstoreQueryValue(
  1430. hRegKey,
  1431. L"ipsecNegotiationPolicyType",
  1432. REG_SZ,
  1433. (LPBYTE *)&pIpsecNegPolObject->pszIpsecNegPolType,
  1434. &dwSize
  1435. );
  1436. BAIL_ON_WIN32_ERROR(dwError);
  1438. dwType = REG_DWORD;
  1439. dwSize = sizeof(DWORD);
  1440. dwError = RegQueryValueExW(
  1441. hRegKey,
  1442. L"ipsecDataType",
  1443. NULL,
  1444. &dwType,
  1445. (LPBYTE)&dwIpsecDataType,
  1446. &dwSize
  1447. );
  1448. BAIL_ON_WIN32_ERROR(dwError);
  1450. pIpsecNegPolObject->dwIpsecDataType = dwIpsecDataType;
  1453. dwError = RegstoreQueryValue(
  1454. hRegKey,
  1455. L"ipsecData",
  1456. REG_BINARY,
  1457. &pIpsecNegPolObject->pIpsecData,
  1458. &pIpsecNegPolObject->dwIpsecDataLen
  1459. );
  1460. BAIL_ON_WIN32_ERROR(dwError);
  1462. dwError = RegstoreQueryValue(
  1463. hRegKey,
  1464. L"ipsecOwnersReference",
  1465. REG_MULTI_SZ,
  1466. (LPBYTE *)&pszIpsecNFAReference,
  1467. &dwSize
  1468. );
  1469. // BAIL_ON_WIN32_ERROR(dwError);
  1471. if (!dwError) {
  1473. pszTemp = pszIpsecNFAReference;
  1474. while (*pszTemp != L'\0') {
  1476. pszTemp += wcslen(pszTemp) + 1;
  1477. dwCount++;
  1478. }
  1481. ppszIpsecNFANames = (LPWSTR *)AllocPolMem(
  1482. sizeof(LPWSTR)*dwCount
  1483. );
  1484. if (!ppszIpsecNFANames) {
  1485. dwError = ERROR_OUTOFMEMORY;
  1486. BAIL_ON_WIN32_ERROR(dwError);
  1487. }
  1489. pszTemp = pszIpsecNFAReference;
  1490. for (i = 0; i < dwCount; i++) {
  1492. pszString = AllocPolStr(pszTemp);
  1493. if (!pszString) {
  1494. dwError = ERROR_OUTOFMEMORY;
  1495. pIpsecNegPolObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1496. pIpsecNegPolObject->dwNFACount = i;
  1499. if (pszIpsecNFAReference) {
  1500. FreePolStr(pszIpsecNFAReference);
  1501. }
  1503. BAIL_ON_WIN32_ERROR(dwError);
  1504. }
  1506. *(ppszIpsecNFANames + i) = pszString;
  1508. pszTemp += wcslen(pszTemp) + 1; //for the null terminator;
  1510. }
  1512. if (pszIpsecNFAReference) {
  1513. FreePolStr(pszIpsecNFAReference);
  1514. }
  1517. pIpsecNegPolObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1518. pIpsecNegPolObject->dwNFACount = dwCount;
  1519. }
  1521. dwType = REG_DWORD;
  1522. dwSize = sizeof(DWORD);
  1523. dwError = RegQueryValueExW(
  1524. hRegKey,
  1525. L"whenChanged",
  1526. NULL,
  1527. &dwType,
  1528. (LPBYTE)&dwWhenChanged,
  1529. &dwSize
  1530. );
  1531. BAIL_ON_WIN32_ERROR(dwError);
  1533. pIpsecNegPolObject->dwWhenChanged = dwWhenChanged;
  1537. *ppIpsecNegPolObject = pIpsecNegPolObject;
  1540. cleanup:
  1542. if (hRegKey) {
  1543. RegCloseKey(hRegKey);
  1544. }
  1547. return(dwError);
  1549. error:
  1551. if (pIpsecNegPolObject) {
  1553. FreeIpsecNegPolObject(pIpsecNegPolObject);
  1555. }
  1557. *ppIpsecNegPolObject = NULL;
  1559. goto cleanup;
  1560. }
  1562. DWORD
  1563. UnMarshallRegistryISAKMPObject(
  1564. HKEY hRegistryKey,
  1565. LPWSTR pszIpsecRegRootContainer,
  1566. LPWSTR pszIpsecISAKMPReference,
  1567. DWORD dwNameType,
  1568. PIPSEC_ISAKMP_OBJECT * ppIpsecISAKMPObject
  1569. )
  1570. {
  1572. PIPSEC_ISAKMP_OBJECT pIpsecISAKMPObject = NULL;
  1573. HKEY hRegKey = NULL;
  1574. DWORD dwType = 0;
  1575. DWORD dwSize = 0;
  1576. DWORD dwIpsecDataType = 0;
  1577. DWORD dwWhenChanged = 0;
  1578. LPBYTE pBuffer = NULL;
  1580. DWORD dwCount = 0;
  1581. DWORD i = 0;
  1582. LPWSTR * ppszIpsecNFANames = NULL;
  1583. LPWSTR pszString = NULL;
  1585. LPWSTR pszIpsecNFAReference = NULL;
  1586. LPWSTR pszTemp = NULL;
  1588. DWORD dwError = 0;
  1591. LPWSTR pszRelativeName = NULL;
  1592. DWORD dwRootPathLen = 0;
  1594. if (!pszIpsecISAKMPReference || !*pszIpsecISAKMPReference) {
  1595. dwError = ERROR_INVALID_DATA;
  1596. BAIL_ON_WIN32_ERROR(dwError);
  1597. }
  1599. if (dwNameType == REG_FULLY_QUALIFIED_NAME) {
  1600. dwRootPathLen = wcslen(pszIpsecRegRootContainer);
  1601. if (wcslen(pszIpsecISAKMPReference) <= (dwRootPathLen+1)) {
  1602. dwError = ERROR_INVALID_DATA;
  1603. BAIL_ON_WIN32_ERROR(dwError);
  1604. }
  1605. pszRelativeName = pszIpsecISAKMPReference + dwRootPathLen + 1;
  1606. }else {
  1607. pszRelativeName = pszIpsecISAKMPReference;
  1608. }
  1611. dwError = RegOpenKeyExW(
  1612. hRegistryKey,
  1613. pszRelativeName,
  1614. 0,
  1615. KEY_ALL_ACCESS,
  1616. &hRegKey
  1617. );
  1618. BAIL_ON_WIN32_ERROR(dwError);
  1621. pIpsecISAKMPObject = (PIPSEC_ISAKMP_OBJECT)AllocPolMem(
  1622. sizeof(IPSEC_ISAKMP_OBJECT)
  1623. );
  1624. if (!pIpsecISAKMPObject) {
  1625. dwError = ERROR_OUTOFMEMORY;
  1626. BAIL_ON_WIN32_ERROR(dwError);
  1627. }
  1629. /*
  1630. dwError = RegstoreQueryValue(
  1631. hRegKey,
  1632. L"distinguishedName",
  1633. REG_SZ,
  1634. (LPBYTE *)&pIpsecISAKMPObject->pszDistinguishedName,
  1635. &dwSize
  1636. );
  1637. BAIL_ON_WIN32_ERROR(dwError);
  1638. */
  1640. pIpsecISAKMPObject->pszDistinguishedName = AllocPolStr(
  1641. pszIpsecISAKMPReference
  1642. );
  1643. if (!pIpsecISAKMPObject->pszDistinguishedName) {
  1644. dwError = ERROR_OUTOFMEMORY;
  1645. BAIL_ON_WIN32_ERROR(dwError);
  1646. }
  1648. //
  1649. // Names are not set for ISAKMP objects
  1650. //
  1652. dwError = RegstoreQueryValue(
  1653. hRegKey,
  1654. L"ipsecName",
  1655. REG_SZ,
  1656. (LPBYTE *)&pIpsecISAKMPObject->pszIpsecName,
  1657. &dwSize
  1658. );
  1659. // BAIL_ON_WIN32_ERROR(dwError);
  1661. dwError = RegstoreQueryValue(
  1662. hRegKey,
  1663. L"ipsecID",
  1664. REG_SZ,
  1665. (LPBYTE *)&pIpsecISAKMPObject->pszIpsecID,
  1666. &dwSize
  1667. );
  1668. BAIL_ON_WIN32_ERROR(dwError);
  1670. dwType = REG_DWORD,
  1671. dwSize = sizeof(DWORD);
  1672. dwError = RegQueryValueExW(
  1673. hRegKey,
  1674. L"ipsecDataType",
  1675. NULL,
  1676. &dwType,
  1677. (LPBYTE)&dwIpsecDataType,
  1678. &dwSize
  1679. );
  1680. BAIL_ON_WIN32_ERROR(dwError);
  1682. pIpsecISAKMPObject->dwIpsecDataType = dwIpsecDataType;
  1685. //
  1686. // unmarshall the ipsecData blob
  1687. //
  1688. dwError = RegstoreQueryValue(
  1689. hRegKey,
  1690. L"ipsecData",
  1691. REG_BINARY,
  1692. &pIpsecISAKMPObject->pIpsecData,
  1693. &pIpsecISAKMPObject->dwIpsecDataLen
  1694. );
  1695. BAIL_ON_WIN32_ERROR(dwError);
  1698. //
  1699. // ipsecOwnersReference not written
  1700. //
  1703. dwError = RegstoreQueryValue(
  1704. hRegKey,
  1705. L"ipsecOwnersReference",
  1706. REG_MULTI_SZ,
  1707. (LPBYTE *)&pszIpsecNFAReference,
  1708. &dwSize
  1709. );
  1710. // BAIL_ON_WIN32_ERROR(dwError);
  1713. if (!dwError) {
  1715. pszTemp = pszIpsecNFAReference;
  1716. while (*pszTemp != L'\0') {
  1718. pszTemp += wcslen(pszTemp) + 1;
  1719. dwCount++;
  1720. }
  1723. ppszIpsecNFANames = (LPWSTR *)AllocPolMem(
  1724. sizeof(LPWSTR)*dwCount
  1725. );
  1726. if (!ppszIpsecNFANames) {
  1727. dwError = ERROR_OUTOFMEMORY;
  1728. BAIL_ON_WIN32_ERROR(dwError);
  1729. }
  1731. pszTemp = pszIpsecNFAReference;
  1732. for (i = 0; i < dwCount; i++) {
  1734. pszString = AllocPolStr(pszTemp);
  1735. if (!pszString) {
  1736. dwError = ERROR_OUTOFMEMORY;
  1737. pIpsecISAKMPObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1738. pIpsecISAKMPObject->dwNFACount = i;
  1740. if (pszIpsecNFAReference) {
  1741. FreePolStr(pszIpsecNFAReference);
  1742. }
  1746. BAIL_ON_WIN32_ERROR(dwError);
  1747. }
  1749. *(ppszIpsecNFANames + i) = pszString;
  1751. pszTemp += wcslen(pszTemp) + 1; //for the null terminator;
  1753. }
  1755. if (pszIpsecNFAReference) {
  1756. FreePolStr(pszIpsecNFAReference);
  1757. }
  1759. pIpsecISAKMPObject->ppszIpsecNFAReferences = ppszIpsecNFANames;
  1760. pIpsecISAKMPObject->dwNFACount = dwCount;
  1761. }
  1763. dwType = REG_DWORD;
  1764. dwSize = sizeof(DWORD);
  1765. dwError = RegQueryValueExW(
  1766. hRegKey,
  1767. L"whenChanged",
  1768. NULL,
  1769. &dwType,
  1770. (LPBYTE)&dwWhenChanged,
  1771. &dwSize
  1772. );
  1773. BAIL_ON_WIN32_ERROR(dwError);
  1775. pIpsecISAKMPObject->dwWhenChanged = dwWhenChanged;
  1778. *ppIpsecISAKMPObject = pIpsecISAKMPObject;
  1781. cleanup:
  1783. if (hRegKey) {
  1784. RegCloseKey(hRegKey);
  1785. }
  1788. return(dwError);
  1790. error:
  1792. if (pIpsecISAKMPObject) {
  1794. FreeIpsecISAKMPObject(pIpsecISAKMPObject);
  1796. }
  1798. *ppIpsecISAKMPObject = NULL;
  1800. goto cleanup;
  1801. }
  1804. DWORD
  1805. RegstoreQueryValue(
  1806. HKEY hRegKey,
  1807. LPWSTR pszValueName,
  1808. DWORD dwType,
  1809. LPBYTE * ppValueData,
  1810. LPDWORD pdwSize
  1811. )
  1812. {
  1813. DWORD dwSize = 0;
  1814. LPWSTR pszValueData = NULL;
  1815. DWORD dwError = 0;
  1816. LPBYTE pBuffer = NULL;
  1817. LPWSTR pszBuf = NULL;
  1820. dwError = RegQueryValueExW(
  1821. hRegKey,
  1822. pszValueName,
  1823. NULL,
  1824. &dwType,
  1825. NULL,
  1826. &dwSize
  1827. );
  1828. BAIL_ON_WIN32_ERROR(dwError);
  1830. if (dwSize == 0) {
  1831. dwError = ERROR_INVALID_DATA;
  1832. BAIL_ON_WIN32_ERROR(dwError);
  1833. }
  1835. pBuffer = (LPBYTE)AllocPolMem(dwSize);
  1836. if (!pBuffer) {
  1838. dwError = ERROR_OUTOFMEMORY;
  1839. BAIL_ON_WIN32_ERROR(dwError);
  1840. }
  1842. dwError = RegQueryValueExW(
  1843. hRegKey,
  1844. pszValueName,
  1845. NULL,
  1846. &dwType,
  1847. pBuffer,
  1848. &dwSize
  1849. );
  1850. BAIL_ON_WIN32_ERROR(dwError);
  1855. switch (dwType) {
  1856. case REG_SZ:
  1857. pszBuf = (LPWSTR) pBuffer;
  1858. if (!pszBuf || !*pszBuf) {
  1859. dwError = ERROR_INVALID_DATA;
  1860. BAIL_ON_WIN32_ERROR(dwError);
  1861. }
  1862. break;
  1864. default:
  1865. break;
  1866. }
  1868. *ppValueData = pBuffer;
  1869. *pdwSize = dwSize;
  1870. return(dwError);
  1872. error:
  1874. if (pBuffer) {
  1875. FreePolMem(pBuffer);
  1876. }
  1878. *ppValueData = NULL;
  1879. *pdwSize = 0;
  1880. return(dwError);
  1881. }
  1884. VOID
  1885. FlushRegSaveKey(
  1886. HKEY hRegistryKey
  1887. )
  1888. {
  1889. DWORD dwError = 0;
  1890. WCHAR lpszName[MAX_PATH];
  1891. DWORD dwSize = 0;
  1894. memset(lpszName, 0, sizeof(WCHAR)*MAX_PATH);
  1895. dwSize = MAX_PATH;
  1897. while((RegEnumKeyExW(
  1898. hRegistryKey,
  1899. 0,
  1900. lpszName,
  1901. &dwSize,
  1902. NULL,
  1903. NULL,
  1904. NULL,
  1905. NULL)) == ERROR_SUCCESS) {
  1907. dwError = RegDeleteKeyW(
  1908. hRegistryKey,
  1909. lpszName
  1910. );
  1911. if (dwError != ERROR_SUCCESS) {
  1912. break;
  1913. }
  1915. memset(lpszName, 0, sizeof(WCHAR)*MAX_PATH);
  1916. dwSize = MAX_PATH;
  1918. }
  1920. return;
  1921. }