archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ipsec/nshipsec/dynamic.cpp

6311 lines
160 KiB
Raw Normal View History

commiting as it is
5 years ago
  1. ////////////////////////////////////////////////////////////////////////
  2. //
  3. // Module : Dynamic/Dynamic.cpp
  4. //
  5. // Purpose : Dynamic Module Implementation.
  6. //
  7. //
  8. // Developers Name : Bharat/Radhika
  9. //
  10. // Description : All functions are netshell dynamic context interface and
  11. // calls appropriate functions.
  12. //
  13. // History :
  14. //
  15. // Date Author Comments
  16. // 8-10-2001 Bharat Initial Version. V1.0
  17. //
  18. ////////////////////////////////////////////////////////////////////////
  20. #include "nshipsec.h"
  21. #include "nshcertmgmt.h"
  23. extern HINSTANCE g_hModule;
  24. extern HKEY g_hGlobalRegistryKey;
  25. extern _TCHAR* g_szDynamicMachine;
  26. extern STORAGELOCATION g_StorageLocation;
  28. ///////////////////////////////////////////////////////////////////////////////////////////
  29. //
  30. // Function : HandleDynamicAddQMPolicy
  31. //
  32. // Date of Creation: 9-23-2001
  33. //
  34. // Parameters :
  35. // IN LPCWSTR pwszMachine,
  36. // IN OUT LPWSTR *ppwcArguments,
  37. // IN DWORD dwCurrentIndex,
  38. // IN DWORD dwArgCount,
  39. // IN DWORD dwFlags,
  40. // IN LPCVOID pvData,
  41. // OUT BOOL *pbDone
  42. // Return : DWORD
  43. //
  44. // Description : Netshell Dynamic handle for add quick mode policy.
  45. //
  46. // Revision History:
  47. //
  48. // Date Author Comments
  49. // 8-10-2001 Bharat Initial Version. V1.0
  50. //
  51. //////////////////////////////////////////////////////////////////////////////////////////
  53. DWORD WINAPI
  54. HandleDynamicAddQMPolicy(
  55. IN LPCWSTR pwszMachine,
  56. IN OUT LPWSTR *ppwcArguments,
  57. IN DWORD dwCurrentIndex,
  58. IN DWORD dwArgCount,
  59. IN DWORD dwFlags,
  60. IN LPCVOID pvData,
  61. OUT BOOL *pbDone
  62. )
  63. {
  64. IPSEC_QM_POLICY QMPol;
  66. LPTSTR pszPolicyName = NULL;
  67. DWORD dwReturn = ERROR_SHOW_USAGE;
  68. DWORD dwPFSGr = 0;
  69. DWORD dwNameLen = 0;
  70. DWORD dwCount = 0, j=0;
  71. BOOL bSoft=FALSE, bDefault=FALSE, bQmpfs=FALSE;
  73. const TAG_TYPE vcmdDynamicAddQMPolicy[] =
  74. {
  75. { CMD_TOKEN_STR_NAME, NS_REQ_PRESENT, FALSE },
  76. { CMD_TOKEN_STR_SOFT, NS_REQ_ZERO, FALSE },
  77. { CMD_TOKEN_STR_PFSGROUP, NS_REQ_ZERO, FALSE },
  78. { CMD_TOKEN_STR_DEFRESPONSE, NS_REQ_ZERO, FALSE },
  79. { CMD_TOKEN_STR_NEGOTIATION, NS_REQ_ZERO, FALSE }
  80. };
  82. const TOKEN_VALUE vtokDynamicAddQMPolicy[] =
  83. {
  84. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  85. { CMD_TOKEN_STR_SOFT, CMD_TOKEN_SOFT },
  86. { CMD_TOKEN_STR_PFSGROUP, CMD_TOKEN_PFSGROUP },
  87. { CMD_TOKEN_STR_DEFRESPONSE, CMD_TOKEN_DEFRESPONSE },
  88. { CMD_TOKEN_STR_NEGOTIATION, CMD_TOKEN_NEGOTIATION }
  89. };
  92. PARSER_PKT parser;
  93. ZeroMemory(&parser, sizeof(parser));
  95. memset(&QMPol, 0, sizeof(IPSEC_QM_POLICY));
  96. QMPol.pOffers = NULL;
  97. //
  98. // Bail out as user has not given sufficient arguments.
  99. //
  100. if(dwArgCount <= 3)
  101. {
  102. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  103. BAIL_OUT;
  104. }
  106. parser.ValidTok = vtokDynamicAddQMPolicy;
  107. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicAddQMPolicy);
  109. parser.ValidCmd = vcmdDynamicAddQMPolicy;
  110. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicAddQMPolicy);
  112. //
  113. // Get the user input after parsing the data
  114. //
  115. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  117. if(dwReturn != ERROR_SUCCESS)
  118. {
  119. if(dwReturn == RETURN_NO_ERROR)
  120. {
  121. dwReturn = ERROR_NO_DISPLAY;
  122. BAIL_OUT;
  123. }
  124. else
  125. {
  126. dwReturn = ERROR_SHOW_USAGE;
  127. BAIL_OUT;
  128. }
  129. }
  130. //
  131. // Check for user given tokens from the parser and copy into local variables
  132. //
  133. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  134. {
  135. switch(vtokDynamicAddQMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  136. {
  137. case CMD_TOKEN_NAME :
  138. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  139. {
  140. //allocate memory for QMPolicy name
  141. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  142. pszPolicyName = new _TCHAR[dwNameLen];
  143. if(pszPolicyName == NULL)
  144. {
  145. dwReturn = ERROR_OUTOFMEMORY;
  146. BAIL_OUT;
  147. }
  148. _tcsncpy(pszPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  149. }
  150. break;
  151. case CMD_TOKEN_SOFT :
  152. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  153. {
  154. bSoft = *(BOOL *)parser.Cmd[dwCount].pArg;
  155. }
  156. break;
  157. case CMD_TOKEN_DEFRESPONSE :
  158. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  159. {
  160. bDefault = *(BOOL *)parser.Cmd[dwCount].pArg;
  161. }
  162. break;
  163. case CMD_TOKEN_PFSGROUP :
  164. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  165. {
  166. //
  167. // Make the pfs required flag true.Since only group is accepted from the user.
  168. //
  169. bQmpfs = TRUE;
  170. dwPFSGr = *(DWORD *)parser.Cmd[dwCount].pArg;
  171. }
  172. break;
  173. case CMD_TOKEN_NEGOTIATION :
  174. IPSEC_QM_OFFER *SecMethod;
  175. if (parser.Cmd[dwCount].dwStatus != 0)
  176. {
  177. if(QMPol.pOffers)
  178. {
  179. //
  180. // Default loads deleted
  181. //
  182. delete [] QMPol.pOffers;
  183. QMPol.pOffers = NULL;
  184. }
  185. QMPol.dwOfferCount = parser.Cmd[dwCount].dwStatus;
  186. QMPol.pOffers = new IPSEC_QM_OFFER[QMPol.dwOfferCount];
  187. if(QMPol.pOffers == NULL)
  188. {
  189. dwReturn = ERROR_OUTOFMEMORY;
  190. BAIL_OUT;
  191. }
  192. for(j=0;j<QMPol.dwOfferCount;j++)
  193. {
  194. //
  195. // Copy the QM offers given by the user or defaults provided by parser
  196. //
  197. SecMethod = ((IPSEC_QM_OFFER **)parser.Cmd[dwCount].pArg)[j];
  198. memcpy(&(QMPol.pOffers[j]), SecMethod, sizeof(IPSEC_QM_OFFER));
  199. }
  200. }
  201. break;
  202. default :
  203. break;
  204. }
  205. }
  207. for(j=0;j<QMPol.dwOfferCount;j++)
  208. {
  209. // Check for the user given pfsgroup
  210. if(bQmpfs)
  211. {
  212. switch(dwPFSGr)
  213. {
  214. case 0:
  215. QMPol.pOffers[j].dwPFSGroup = 0;
  216. QMPol.pOffers[j].bPFSRequired = FALSE;
  217. break;
  218. case 1:
  219. QMPol.pOffers[j].dwPFSGroup = PFS_GROUP_1;
  220. QMPol.pOffers[j].bPFSRequired = TRUE;
  221. break;
  222. case 2:
  223. QMPol.pOffers[j].dwPFSGroup = PFS_GROUP_2;
  224. QMPol.pOffers[j].bPFSRequired = TRUE;
  225. break;
  226. case 3:
  227. QMPol.pOffers[j].dwPFSGroup = PFS_GROUP_2048;
  228. QMPol.pOffers[j].bPFSRequired = TRUE;
  229. break;
  230. case 4:
  231. QMPol.pOffers[j].dwPFSGroup = PFS_GROUP_MM;
  232. QMPol.pOffers[j].bPFSRequired = TRUE;
  233. break;
  234. default:
  235. break;
  236. }
  237. }
  238. else
  239. {
  240. QMPol.pOffers[j].dwPFSGroup = dwPFSGr;
  241. QMPol.pOffers[j].bPFSRequired = bQmpfs;
  242. }
  243. }
  244. //
  245. // Add the quick mode policy to SPD.
  246. //
  247. dwReturn = AddQuickModePolicy( pszPolicyName, bDefault, bSoft, QMPol);
  249. error:
  250. //clean up heap used...
  251. if(dwArgCount > 3)
  252. {
  253. CleanUp();
  254. }
  256. if(pszPolicyName)
  257. {
  258. delete [] pszPolicyName;
  259. }
  260. if(QMPol.pOffers)
  261. {
  262. if(QMPol.dwOfferCount)
  263. {
  264. delete [] (QMPol.pOffers);
  265. }
  266. else
  267. {
  268. delete QMPol.pOffers;
  269. }
  270. }
  272. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE) &&(dwReturn != ERROR_NO_DISPLAY))
  273. {
  274. //api errors
  275. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  276. dwReturn = ERROR_SUCCESS;
  277. }
  279. //already one error displayed.
  280. if(dwReturn == ERROR_NO_DISPLAY)
  281. {
  282. dwReturn = ERROR_SUCCESS;
  283. }
  285. return dwReturn;
  286. }
  288. ///////////////////////////////////////////////////////////////////////////////////////////
  289. //
  290. // Function : HandleDynamicSetQMPolicy
  291. //
  292. // Date of Creation: 9-23-2001
  293. //
  294. // Parameters :
  295. // IN LPCWSTR pwszMachine,
  296. // IN OUT LPWSTR *ppwcArguments,
  297. // IN DWORD dwCurrentIndex,
  298. // IN DWORD dwArgCount,
  299. // IN DWORD dwFlags,
  300. // IN LPCVOID pvData,
  301. // OUT BOOL *pbDone
  302. // Return : DWORD
  303. //
  304. // Description : Netshell Dynamic handle for set quick mode policy
  305. //
  306. // Revision History:
  307. //
  308. // Date Author Comments
  309. //
  310. //////////////////////////////////////////////////////////////////////////////////////////
  312. DWORD WINAPI
  313. HandleDynamicSetQMPolicy(
  314. IN LPCWSTR pwszMachine,
  315. IN OUT LPWSTR *ppwcArguments,
  316. IN DWORD dwCurrentIndex,
  317. IN DWORD dwArgCount,
  318. IN DWORD dwFlags,
  319. IN LPCVOID pvData,
  320. OUT BOOL *pbDone
  321. )
  322. {
  324. LPTSTR pszPolicyName = NULL;
  325. DWORD dwReturn = ERROR_SHOW_USAGE;
  326. DWORD dwNameLen = 0;
  327. DWORD dwCount = 0, j=0;
  328. DWORD dwPFSGr = 0;
  329. DWORD dwOldPFSGr = 0;
  330. DWORD dwVersion = 0;
  331. BOOL bQmpfs = FALSE, bOldQmpfs = FALSE;
  332. PIPSEC_QM_POLICY pOldQMPol = NULL;
  333. PIPSEC_QM_POLICY pQMPol = NULL;
  334. const TAG_TYPE vcmdDynamicSetQMPolicy[] =
  335. {
  336. { CMD_TOKEN_STR_NAME, NS_REQ_PRESENT, FALSE },
  337. { CMD_TOKEN_STR_SOFT, NS_REQ_ZERO, FALSE },
  338. { CMD_TOKEN_STR_PFSGROUP, NS_REQ_ZERO, FALSE },
  339. { CMD_TOKEN_STR_DEFRESPONSE, NS_REQ_ZERO, FALSE },
  340. { CMD_TOKEN_STR_NEGOTIATION, NS_REQ_ZERO, FALSE }
  341. };
  343. const TOKEN_VALUE vtokDynamicSetQMPolicy[] =
  344. {
  345. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  346. { CMD_TOKEN_STR_SOFT, CMD_TOKEN_SOFT },
  347. { CMD_TOKEN_STR_PFSGROUP, CMD_TOKEN_PFSGROUP },
  348. { CMD_TOKEN_STR_DEFRESPONSE, CMD_TOKEN_DEFRESPONSE },
  349. { CMD_TOKEN_STR_NEGOTIATION, CMD_TOKEN_NEGOTIATION }
  350. };
  351. PARSER_PKT parser;
  352. ZeroMemory(&parser, sizeof(parser));
  354. //
  355. // Bail out as user has not given sufficient arguments.
  356. //
  357. if(dwArgCount <= 3)
  358. {
  359. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  360. BAIL_OUT;
  361. }
  362. parser.ValidTok = vtokDynamicSetQMPolicy;
  363. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicSetQMPolicy);
  365. parser.ValidCmd = vcmdDynamicSetQMPolicy;
  366. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicSetQMPolicy);
  368. //
  369. // Get the user input after parsing the data
  370. //
  371. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  373. if(dwReturn != ERROR_SUCCESS)
  374. {
  375. if(dwReturn == RETURN_NO_ERROR)
  376. {
  377. dwReturn = ERROR_NO_DISPLAY;
  378. BAIL_OUT;
  379. }
  380. else
  381. {
  382. dwReturn = ERROR_SHOW_USAGE;
  383. BAIL_OUT;
  384. }
  385. }
  386. //
  387. // Check for user given tokens from the parser and copy into local variables
  388. //
  389. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  390. {
  391. switch(vtokDynamicSetQMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  392. {
  394. case CMD_TOKEN_NAME :
  395. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  396. {
  397. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  398. pszPolicyName = new _TCHAR[dwNameLen];
  399. if(pszPolicyName == NULL)
  400. {
  401. dwReturn = ERROR_OUTOFMEMORY;
  402. BAIL_OUT;
  403. }
  404. _tcsncpy(pszPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  405. }
  406. break;
  407. }
  408. }
  409. //
  410. // Get the user given QMpolicy from SPD
  411. //
  412. dwReturn = GetQMPolicy(g_szDynamicMachine, dwVersion, pszPolicyName, 0, &pOldQMPol, NULL);
  414. if((dwReturn != ERROR_SUCCESS) || !pOldQMPol)
  415. {
  416. BAIL_OUT;
  417. }
  419. pQMPol = new IPSEC_QM_POLICY;
  420. if(pQMPol == NULL)
  421. {
  422. dwReturn = ERROR_OUTOFMEMORY;
  423. BAIL_OUT;
  424. }
  425. //
  426. // Copy old record into the local pointer
  427. //
  428. memcpy(pQMPol, pOldQMPol, sizeof(IPSEC_QM_POLICY));
  430. dwNameLen = _tcslen(pOldQMPol->pszPolicyName) + 1;
  432. pQMPol->pszPolicyName = new _TCHAR[dwNameLen];
  433. if(pQMPol->pszPolicyName == NULL)
  434. {
  435. dwReturn = ERROR_OUTOFMEMORY;
  436. BAIL_OUT;
  437. }
  439. _tcsncpy(pQMPol->pszPolicyName, pOldQMPol->pszPolicyName, dwNameLen);
  441. //
  442. // Copy old qmoffer
  443. //
  444. pQMPol->pOffers = new IPSEC_QM_OFFER[pQMPol->dwOfferCount];
  445. if(pQMPol->pOffers == NULL)
  446. {
  447. dwReturn = ERROR_OUTOFMEMORY;
  448. BAIL_OUT;
  449. }
  451. for(j=0; j<pQMPol->dwOfferCount; j++)
  452. {
  453. memcpy(&(pQMPol->pOffers[j]), &(pOldQMPol->pOffers[j]), sizeof(IPSEC_QM_OFFER));
  454. }
  456. SPDApiBufferFree(pOldQMPol);
  457. pOldQMPol = NULL;
  459. //
  460. // Check for user given tokens from the parser and copy into local variables
  461. //
  462. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  463. {
  464. switch(vtokDynamicSetQMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  465. {
  466. case CMD_TOKEN_SOFT :
  467. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  468. {
  469. //
  470. // Set the soft flag
  471. //
  472. if(*(BOOL *)parser.Cmd[dwCount].pArg)
  473. {
  474. pQMPol->dwFlags |= IPSEC_QM_POLICY_ALLOW_SOFT;
  475. }
  476. else
  477. {
  478. pQMPol->dwFlags &= ~IPSEC_QM_POLICY_ALLOW_SOFT;
  479. }
  480. }
  481. break;
  482. case CMD_TOKEN_DEFRESPONSE :
  483. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  484. {
  485. //
  486. // Set the default_rule flag.
  487. //
  488. if(*(BOOL *)parser.Cmd[dwCount].pArg)
  489. {
  490. pQMPol->dwFlags |= IPSEC_MM_POLICY_DEFAULT_POLICY;
  491. }
  492. else
  493. {
  494. pQMPol->dwFlags &= ~IPSEC_MM_POLICY_DEFAULT_POLICY;
  495. }
  496. }
  497. break;
  498. case CMD_TOKEN_PFSGROUP :
  499. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  500. {
  501. //
  502. // Check if pfsgroup is given, as pfs required parameter also needs to be set.
  503. //
  504. bQmpfs = TRUE;
  505. dwPFSGr = *(DWORD *)parser.Cmd[dwCount].pArg;
  506. }
  507. break;
  508. case CMD_TOKEN_NEGOTIATION :
  509. IPSEC_QM_OFFER *SecMethod;
  510. if (parser.Cmd[dwCount].dwStatus > 0)
  511. {
  512. if((pQMPol->pOffers)&&(pQMPol->dwOfferCount))
  513. {
  514. dwOldPFSGr = pQMPol->pOffers[0].dwPFSGroup;
  515. bOldQmpfs = pQMPol->pOffers[0].bPFSRequired;
  516. if(pQMPol->dwOfferCount)
  517. {
  518. delete [] pQMPol->pOffers;
  519. }
  520. else
  521. {
  522. delete pQMPol->pOffers;
  523. }
  524. }
  525. pQMPol->dwOfferCount = parser.Cmd[dwCount].dwStatus;
  526. pQMPol->pOffers = new IPSEC_QM_OFFER[pQMPol->dwOfferCount];
  527. if(pQMPol->pOffers == NULL)
  528. {
  529. dwReturn = ERROR_OUTOFMEMORY;
  530. BAIL_OUT;
  531. }
  533. //
  534. // Copy user given offer.
  535. //
  536. for(j=0;j<pQMPol->dwOfferCount;j++)
  537. {
  538. SecMethod = ((IPSEC_QM_OFFER **)parser.Cmd[dwCount].pArg)[j];
  539. if(SecMethod->dwNumAlgos > 0)
  540. {
  541. pQMPol->pOffers[j].dwNumAlgos = SecMethod->dwNumAlgos;
  542. memcpy(&(pQMPol->pOffers[j].Algos), &(SecMethod->Algos), sizeof(IPSEC_QM_ALGO[QM_MAX_ALGOS]));
  543. }
  544. pQMPol->pOffers[j].Lifetime.uKeyExpirationKBytes = SecMethod->Lifetime.uKeyExpirationKBytes;
  545. pQMPol->pOffers[j].Lifetime.uKeyExpirationTime = SecMethod->Lifetime.uKeyExpirationTime;
  546. pQMPol->pOffers[j].bPFSRequired = bOldQmpfs;
  547. pQMPol->pOffers[j].dwPFSGroup = dwOldPFSGr;
  548. }
  549. }
  550. break;
  551. default :
  552. break;
  553. }
  554. }
  556. //
  557. // If only pfs group is given without the qm offer then copy it separately.
  558. //
  559. for(j=0;j<pQMPol->dwOfferCount;j++)
  560. {
  561. if(bQmpfs)
  562. {
  563. pQMPol->pOffers[j].bPFSRequired = bQmpfs;
  564. switch(dwPFSGr)
  565. {
  566. case 0:
  567. pQMPol->pOffers[j].dwPFSGroup = 0;
  568. pQMPol->pOffers[j].bPFSRequired = FALSE;
  569. break;
  570. case 1:
  571. pQMPol->pOffers[j].dwPFSGroup = PFS_GROUP_1;
  572. pQMPol->pOffers[j].bPFSRequired = TRUE;
  573. break;
  574. case 2:
  575. pQMPol->pOffers[j].dwPFSGroup = PFS_GROUP_2;
  576. pQMPol->pOffers[j].bPFSRequired = TRUE;
  577. break;
  578. case 3:
  579. pQMPol->pOffers[j].dwPFSGroup = PFS_GROUP_2048;
  580. pQMPol->pOffers[j].bPFSRequired = TRUE;
  581. break;
  582. case 4:
  583. pQMPol->pOffers[j].dwPFSGroup = PFS_GROUP_MM;
  584. pQMPol->pOffers[j].bPFSRequired = TRUE;
  585. break;
  586. }
  587. }
  588. }
  589. //
  590. // Set the quick mode policy
  591. //
  592. dwReturn = SetQuickModePolicy( pszPolicyName, pQMPol);
  594. error:
  596. if(dwArgCount > 3)
  597. {
  598. CleanUp();
  599. }
  601. if(pszPolicyName)
  602. {
  603. delete [] pszPolicyName;
  604. }
  605. //
  606. // error clean up path.
  607. //
  608. if((pQMPol) && (pQMPol->pOffers))
  609. {
  610. if(pQMPol->dwOfferCount)
  611. {
  612. delete [] pQMPol->pOffers;
  613. }
  614. else
  615. {
  616. delete pQMPol->pOffers;
  617. }
  618. }
  619. if((pQMPol) && (pQMPol->pszPolicyName))
  620. {
  621. delete [] pQMPol->pszPolicyName;
  622. }
  624. if(pOldQMPol)
  625. {
  626. SPDApiBufferFree(pOldQMPol);
  627. pOldQMPol = NULL;
  628. }
  630. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE) &&(dwReturn != ERROR_NO_DISPLAY))
  631. {
  632. //api errors
  633. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  634. dwReturn = ERROR_SUCCESS;
  635. }
  637. //already one error displayed.
  638. if(dwReturn == ERROR_NO_DISPLAY)
  639. {
  640. dwReturn = ERROR_SUCCESS;
  641. }
  642. return dwReturn;
  643. }
  645. ///////////////////////////////////////////////////////////////////////////////////////////
  646. //
  647. // Function : HandleDynamicAddMMPolicy
  648. //
  649. // Date of Creation: 9-23-2001
  650. //
  651. // Parameters :
  652. // IN LPCWSTR pwszMachine,
  653. // IN OUT LPWSTR *ppwcArguments,
  654. // IN DWORD dwCurrentIndex,
  655. // IN DWORD dwArgCount,
  656. // IN DWORD dwFlags,
  657. // IN LPCVOID pvData,
  658. // OUT BOOL *pbDone
  659. // Return : DWORD
  660. //
  661. // Description : Netshell Dynamic handle for add main mode policy
  662. //
  663. // Revision History:
  664. //
  665. // Date Author Comments
  666. //
  667. //////////////////////////////////////////////////////////////////////////////////////////
  669. DWORD WINAPI
  670. HandleDynamicAddMMPolicy(
  671. IN LPCWSTR pwszMachine,
  672. IN OUT LPWSTR *ppwcArguments,
  673. IN DWORD dwCurrentIndex,
  674. IN DWORD dwArgCount,
  675. IN DWORD dwFlags,
  676. IN LPCVOID pvData,
  677. OUT BOOL *pbDone
  678. )
  679. {
  680. DWORD dwReturn = ERROR_SHOW_USAGE;
  681. DWORD dwNameLen = 0;
  682. DWORD dwCount = 0;
  683. IPSEC_MM_POLICY MMPol;
  684. LPTSTR pszPolicyName = NULL;
  686. DWORD dwQmperMM = 0;
  687. DWORD dwKbLife = 0;
  688. DWORD dwSecLife = POTF_DEFAULT_P1REKEY_TIME, j=0;
  689. const TAG_TYPE vcmdDynamicAddMMPolicy[] =
  690. {
  691. { CMD_TOKEN_STR_NAME, NS_REQ_PRESENT, FALSE },
  692. { CMD_TOKEN_STR_QMPERMM, NS_REQ_ZERO, FALSE },
  693. { CMD_TOKEN_STR_MMLIFETIME, NS_REQ_ZERO, FALSE },
  694. { CMD_TOKEN_STR_SOFTSAEXPTIME, NS_REQ_ZERO, FALSE },
  695. { CMD_TOKEN_STR_DEFRESPONSE, NS_REQ_ZERO, FALSE },
  696. { CMD_TOKEN_STR_MMSECMETHODS, NS_REQ_ZERO, FALSE }
  697. };
  698. const TOKEN_VALUE vtokDynamicAddMMPolicy[] =
  699. {
  700. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  701. { CMD_TOKEN_STR_QMPERMM, CMD_TOKEN_QMPERMM },
  702. { CMD_TOKEN_STR_MMLIFETIME, CMD_TOKEN_MMLIFETIME },
  703. { CMD_TOKEN_STR_SOFTSAEXPTIME, CMD_TOKEN_SOFTSAEXPTIME },
  704. { CMD_TOKEN_STR_DEFRESPONSE, CMD_TOKEN_DEFRESPONSE },
  705. { CMD_TOKEN_STR_MMSECMETHODS, CMD_TOKEN_MMSECMETHODS }
  706. };
  707. PARSER_PKT parser;
  708. ZeroMemory(&parser, sizeof(parser));
  710. memset(&MMPol, 0, sizeof(IPSEC_MM_POLICY));
  711. MMPol.uSoftExpirationTime = POTF_DEF_P1SOFT_TIME;
  712. //
  713. // Bail out as user has not given sufficient arguments.
  714. //
  715. if(dwArgCount <= 3)
  716. {
  717. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  718. BAIL_OUT;
  719. }
  720. parser.ValidTok = vtokDynamicAddMMPolicy;
  721. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicAddMMPolicy);
  723. parser.ValidCmd = vcmdDynamicAddMMPolicy;
  724. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicAddMMPolicy);
  726. //
  727. // Get the user input after parsing the data
  728. //
  729. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  731. if(dwReturn != ERROR_SUCCESS)
  732. {
  733. if(dwReturn == RETURN_NO_ERROR)
  734. {
  735. dwReturn = ERROR_NO_DISPLAY;
  736. BAIL_OUT;
  737. }
  738. else
  739. {
  740. dwReturn = ERROR_SHOW_USAGE;
  741. BAIL_OUT;
  742. }
  743. }
  744. //
  745. // Check for user given tokens from the parser and copy into local variables
  746. //
  747. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  748. {
  749. switch(vtokDynamicAddMMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  750. {
  751. case CMD_TOKEN_NAME :
  752. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  753. {
  754. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  755. pszPolicyName = new _TCHAR[dwNameLen];
  756. if(pszPolicyName == NULL)
  757. {
  758. dwReturn = ERROR_OUTOFMEMORY;
  759. BAIL_OUT;
  760. }
  761. _tcsncpy(pszPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  762. }
  763. break;
  764. case CMD_TOKEN_DEFRESPONSE :
  765. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  766. {
  767. if(*(BOOL *)parser.Cmd[dwCount].pArg)
  768. {
  769. MMPol.dwFlags |= IPSEC_MM_POLICY_DEFAULT_POLICY;
  770. }
  771. }
  772. break;
  773. case CMD_TOKEN_MMLIFETIME :
  774. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  775. {
  776. dwSecLife = ((*(DWORD *)parser.Cmd[dwCount].pArg ) * 60);
  777. }
  778. break;
  779. case CMD_TOKEN_QMPERMM :
  780. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  781. {
  782. dwQmperMM = *(DWORD *)parser.Cmd[dwCount].pArg;
  783. }
  784. break;
  785. case CMD_TOKEN_SOFTSAEXPTIME :
  786. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  787. {
  788. MMPol.uSoftExpirationTime = ((*(DWORD *)parser.Cmd[dwCount].pArg) * 60);
  789. }
  790. break;
  791. case CMD_TOKEN_MMSECMETHODS :
  792. IPSEC_MM_OFFER *SecMethod;
  793. if (parser.Cmd[dwCount].dwStatus != 0)
  794. {
  795. MMPol.dwOfferCount = parser.Cmd[dwCount].dwStatus;
  796. MMPol.pOffers = new IPSEC_MM_OFFER[MMPol.dwOfferCount];
  797. if(MMPol.pOffers == NULL)
  798. {
  799. dwReturn = ERROR_OUTOFMEMORY;
  800. BAIL_OUT;
  801. }
  802. //
  803. // Copy security methods.
  804. //
  805. for(j=0;j<MMPol.dwOfferCount;j++)
  806. {
  807. SecMethod = ((IPSEC_MM_OFFER **)parser.Cmd[dwCount].pArg)[j];
  808. memcpy(&(MMPol.pOffers[j]), SecMethod, sizeof(IPSEC_MM_OFFER));
  809. }
  810. }
  811. break;
  812. default :
  813. break;
  814. }
  815. }
  817. for(j=0;j<MMPol.dwOfferCount;j++)
  818. {
  819. MMPol.pOffers[j].dwQuickModeLimit = dwQmperMM;
  820. MMPol.pOffers[j].Lifetime.uKeyExpirationKBytes = dwKbLife;
  821. MMPol.pOffers[j].Lifetime.uKeyExpirationTime = dwSecLife;
  822. }
  824. dwReturn = AddMainModePolicy( pszPolicyName, MMPol);
  825. error:
  826. if(dwArgCount > 3)
  827. {
  828. CleanUp();
  829. }
  830. //
  831. // Error cleanup path
  832. //
  833. if(pszPolicyName)
  834. {
  835. delete [] pszPolicyName;
  836. }
  837. if(MMPol.pOffers)
  838. {
  839. if(MMPol.dwOfferCount > 1)
  840. {
  841. delete [] (MMPol.pOffers);
  842. }
  843. else
  844. {
  845. delete MMPol.pOffers;
  846. }
  847. }
  848. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  849. {
  850. //api errors
  851. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  852. dwReturn = ERROR_SUCCESS;
  853. }
  855. //already one error displayed.
  856. if(dwReturn == ERROR_NO_DISPLAY)
  857. {
  858. dwReturn = ERROR_SUCCESS;
  859. }
  860. return dwReturn;
  861. }
  863. ///////////////////////////////////////////////////////////////////////////////////////////
  864. //
  865. // Function : HandleDynamicSetMMPolicy
  866. //
  867. // Date of Creation: 9-23-2001
  868. //
  869. // Parameters :
  870. // IN LPCWSTR pwszMachine,
  871. // IN OUT LPWSTR *ppwcArguments,
  872. // IN DWORD dwCurrentIndex,
  873. // IN DWORD dwArgCount,
  874. // IN DWORD dwFlags,
  875. // IN LPCVOID pvData,
  876. // OUT BOOL *pbDone
  877. // Return : DWORD
  878. //
  879. // Description : Netshell Dynamic handle for set main mode policy
  880. //
  881. // Revision History:
  882. //
  883. // Date Author Comments
  884. //
  885. //////////////////////////////////////////////////////////////////////////////////////////
  887. DWORD WINAPI
  888. HandleDynamicSetMMPolicy(
  889. IN LPCWSTR pwszMachine,
  890. IN OUT LPWSTR *ppwcArguments,
  891. IN DWORD dwCurrentIndex,
  892. IN DWORD dwArgCount,
  893. IN DWORD dwFlags,
  894. IN LPCVOID pvData,
  895. OUT BOOL *pbDone
  896. )
  897. {
  898. DWORD dwReturn = ERROR_SHOW_USAGE;
  899. DWORD dwCount = 0, j=0;
  900. DWORD dwNameLen = 0;
  901. LPTSTR pszPolicyName = NULL;
  902. IPSEC_MM_POLICY MMPol;
  903. PIPSEC_MM_POLICY pMMPol = NULL;
  905. BOOL bSeclife = FALSE, bQmpermm = FALSE;
  907. DWORD dwQmperMM = 0;
  908. DWORD dwSecLife = POTF_DEFAULT_P1REKEY_TIME;
  910. DWORD dwOldQmperMM = 0;
  911. DWORD dwOldKbLife = 0;
  912. DWORD dwOldSecLife = 0;
  913. DWORD dwVersion = 0;
  915. const TAG_TYPE vcmdDynamicSetMMPolicy[] =
  916. {
  917. { CMD_TOKEN_STR_NAME, NS_REQ_PRESENT, FALSE },
  918. { CMD_TOKEN_STR_QMPERMM, NS_REQ_ZERO, FALSE },
  919. { CMD_TOKEN_STR_MMLIFETIME, NS_REQ_ZERO, FALSE },
  920. { CMD_TOKEN_STR_SOFTSAEXPTIME, NS_REQ_ZERO, FALSE },
  921. { CMD_TOKEN_STR_DEFRESPONSE, NS_REQ_ZERO, FALSE },
  922. { CMD_TOKEN_STR_MMSECMETHODS, NS_REQ_ZERO, FALSE }
  923. };
  924. const TOKEN_VALUE vtokDynamicSetMMPolicy[] =
  925. {
  926. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  927. { CMD_TOKEN_STR_QMPERMM, CMD_TOKEN_QMPERMM },
  928. { CMD_TOKEN_STR_MMLIFETIME, CMD_TOKEN_MMLIFETIME },
  929. { CMD_TOKEN_STR_SOFTSAEXPTIME, CMD_TOKEN_SOFTSAEXPTIME },
  930. { CMD_TOKEN_STR_DEFRESPONSE, CMD_TOKEN_DEFRESPONSE },
  931. { CMD_TOKEN_STR_MMSECMETHODS, CMD_TOKEN_MMSECMETHODS }
  932. };
  934. PARSER_PKT parser;
  935. ZeroMemory(&parser, sizeof(parser));
  937. memset(&MMPol, 0, sizeof(IPSEC_MM_POLICY));
  939. MMPol.uSoftExpirationTime = POTF_DEF_P1SOFT_TIME;
  940. //
  941. // Bail out as user has not given sufficient arguments.
  942. //
  943. if(dwArgCount <= 3)
  944. {
  945. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  946. BAIL_OUT;
  947. }
  948. parser.ValidTok = vtokDynamicSetMMPolicy;
  949. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicSetMMPolicy);
  951. parser.ValidCmd = vcmdDynamicSetMMPolicy;
  952. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicSetMMPolicy);
  954. //
  955. // Get the user input after parsing the data
  956. //
  957. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  958. if(dwReturn != ERROR_SUCCESS)
  959. {
  960. if(dwReturn == RETURN_NO_ERROR)
  961. {
  962. dwReturn = ERROR_NO_DISPLAY;
  963. BAIL_OUT;
  964. }
  965. else
  966. {
  967. dwReturn = ERROR_SHOW_USAGE;
  968. BAIL_OUT;
  969. }
  970. }
  971. //
  972. // Check for user given tokens from the parser and copy into local variables
  973. //
  974. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  975. {
  976. switch(vtokDynamicSetMMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  977. {
  978. case CMD_TOKEN_NAME :
  979. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  980. {
  981. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  982. pszPolicyName = new _TCHAR[dwNameLen];
  983. if(pszPolicyName == NULL)
  984. {
  985. dwReturn = ERROR_OUTOFMEMORY;
  986. BAIL_OUT;
  987. }
  988. _tcsncpy(pszPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  989. }
  990. break;
  991. default :
  992. break;
  993. }
  994. }
  995. //
  996. // Get the corresponding MMPolicy for the user given mmpolicy name
  997. //
  998. dwReturn = GetMMPolicy(g_szDynamicMachine,dwVersion, pszPolicyName, &pMMPol, NULL);
  1000. if((dwReturn != ERROR_SUCCESS) || (!pMMPol))
  1001. {
  1002. BAIL_OUT;
  1003. }
  1004. //
  1005. // Copy old data into local variables
  1006. //
  1007. memcpy( &MMPol, pMMPol, sizeof(IPSEC_MM_POLICY));
  1009. dwNameLen = _tcslen(pMMPol->pszPolicyName)+1;
  1010. MMPol.pszPolicyName = new _TCHAR[dwNameLen];
  1011. if(MMPol.pszPolicyName == NULL)
  1012. {
  1013. dwReturn = ERROR_OUTOFMEMORY;
  1014. BAIL_OUT;
  1015. }
  1016. _tcsncpy(MMPol.pszPolicyName, pMMPol->pszPolicyName, dwNameLen);
  1018. MMPol.pOffers = new IPSEC_MM_OFFER[MMPol.dwOfferCount];
  1019. if(MMPol.pOffers == NULL)
  1020. {
  1021. dwReturn = ERROR_OUTOFMEMORY;
  1022. BAIL_OUT;
  1023. }
  1024. for(j=0; j<MMPol.dwOfferCount; j++)
  1025. {
  1026. memcpy(&(MMPol.pOffers[j]), &(pMMPol->pOffers[j]), sizeof(IPSEC_MM_OFFER));
  1027. }
  1029. SPDApiBufferFree(pMMPol);
  1030. pMMPol = NULL;
  1031. //
  1032. // Check for user given tokens from the parser and copy into local variables
  1033. //
  1034. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  1035. {
  1036. switch(vtokDynamicSetMMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  1037. {
  1038. case CMD_TOKEN_DEFRESPONSE :
  1039. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1040. {
  1041. if(*(BOOL *)parser.Cmd[dwCount].pArg)
  1042. {
  1043. MMPol.dwFlags |= IPSEC_MM_POLICY_DEFAULT_POLICY;
  1044. }
  1045. else
  1046. {
  1047. MMPol.dwFlags &= ~IPSEC_MM_POLICY_DEFAULT_POLICY;
  1048. }
  1049. }
  1050. break;
  1051. case CMD_TOKEN_MMLIFETIME :
  1052. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1053. {
  1054. dwSecLife = ((*(DWORD *)parser.Cmd[dwCount].pArg ) * 60);
  1055. bSeclife = TRUE;
  1056. }
  1057. break;
  1058. case CMD_TOKEN_QMPERMM :
  1059. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1060. {
  1061. dwQmperMM = *(DWORD *)parser.Cmd[dwCount].pArg;
  1062. bQmpermm = TRUE;
  1063. }
  1064. break;
  1065. case CMD_TOKEN_SOFTSAEXPTIME :
  1066. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1067. {
  1068. MMPol.uSoftExpirationTime = ((*(DWORD *)parser.Cmd[dwCount].pArg) * 60);
  1069. }
  1070. break;
  1071. case CMD_TOKEN_MMSECMETHODS :
  1072. IPSEC_MM_OFFER *SecMethod;
  1073. if (parser.Cmd[dwCount].dwStatus != 0)
  1074. {
  1075. if((MMPol.pOffers)&&(MMPol.dwOfferCount))
  1076. {
  1077. dwOldQmperMM = MMPol.pOffers[0].dwQuickModeLimit;
  1078. dwOldKbLife = MMPol.pOffers[0].Lifetime.uKeyExpirationKBytes;
  1079. dwOldSecLife = MMPol.pOffers[0].Lifetime.uKeyExpirationTime;
  1081. if(MMPol.dwOfferCount)
  1082. {
  1083. delete [] (MMPol.pOffers);
  1084. }
  1085. else
  1086. {
  1087. delete (MMPol.pOffers);
  1088. }
  1089. }
  1090. MMPol.dwOfferCount = parser.Cmd[dwCount].dwStatus;
  1091. MMPol.pOffers = new IPSEC_MM_OFFER[MMPol.dwOfferCount];
  1092. if(MMPol.pOffers == NULL)
  1093. {
  1094. dwReturn = ERROR_OUTOFMEMORY;
  1095. BAIL_OUT;
  1096. }
  1097. //
  1098. // Copy user given new security methods
  1099. //
  1100. for(j=0;j<MMPol.dwOfferCount;j++)
  1101. {
  1102. SecMethod = ((IPSEC_MM_OFFER **)parser.Cmd[dwCount].pArg)[j];
  1103. MMPol.pOffers[j].dwDHGroup = SecMethod->dwDHGroup;
  1104. MMPol.pOffers[j].EncryptionAlgorithm = SecMethod->EncryptionAlgorithm;
  1105. MMPol.pOffers[j].HashingAlgorithm = SecMethod->HashingAlgorithm;
  1106. MMPol.pOffers[j].dwQuickModeLimit = dwOldQmperMM;
  1107. MMPol.pOffers[j].Lifetime.uKeyExpirationKBytes = dwOldKbLife;
  1108. MMPol.pOffers[j].Lifetime.uKeyExpirationTime = dwOldSecLife;
  1109. }
  1110. }
  1111. break;
  1112. default :
  1113. break;
  1114. }
  1115. }
  1116. //
  1117. // Copy qmpermm and lifetime separately if mm offer is not given by user.
  1118. //
  1119. for(j=0;j<MMPol.dwOfferCount;j++)
  1120. {
  1121. if(bQmpermm)
  1122. {
  1123. MMPol.pOffers[j].dwQuickModeLimit = dwQmperMM;
  1124. }
  1125. if(bSeclife)
  1126. {
  1127. MMPol.pOffers[j].Lifetime.uKeyExpirationTime = dwSecLife;
  1128. }
  1130. }
  1132. dwReturn = SetMainModePolicy( pszPolicyName, MMPol);
  1134. error:
  1135. if(dwArgCount > 3)
  1136. {
  1137. CleanUp();
  1138. }
  1139. //
  1140. // error cleanup path.
  1141. //
  1142. if(pszPolicyName)
  1143. {
  1144. delete [] pszPolicyName;
  1145. }
  1147. if(MMPol.pszPolicyName)
  1148. delete [] MMPol.pszPolicyName;
  1150. if(MMPol.pOffers)
  1151. {
  1152. if(MMPol.dwOfferCount)
  1153. {
  1154. delete [] (MMPol.pOffers);
  1155. }
  1156. else
  1157. {
  1158. delete (MMPol.pOffers);
  1159. }
  1160. }
  1162. if(pMMPol)
  1163. {
  1164. SPDApiBufferFree(pMMPol);
  1165. pMMPol = NULL;
  1166. }
  1168. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  1169. {
  1170. //api errors
  1171. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1172. dwReturn = ERROR_SUCCESS;
  1173. }
  1174. //already one error displayed.
  1175. if(dwReturn == ERROR_NO_DISPLAY)
  1176. {
  1177. dwReturn = ERROR_SUCCESS;
  1178. }
  1179. return dwReturn;
  1180. }
  1182. ///////////////////////////////////////////////////////////////////////////////////////////
  1183. //
  1184. // Function : HandleDynamicShowAll
  1185. //
  1186. // Date of Creation: 9-23-2001
  1187. //
  1188. // Parameters :
  1189. // IN LPCWSTR pwszMachine,
  1190. // IN OUT LPWSTR *ppwcArguments,
  1191. // IN DWORD dwCurrentIndex,
  1192. // IN DWORD dwArgCount,
  1193. // IN DWORD dwFlags,
  1194. // IN LPCVOID pvData,
  1195. // OUT BOOL *pbDone
  1196. // Return : DWORD
  1197. //
  1198. // Description : Netshell Dynamic handle for show all
  1199. //
  1200. // Revision History:
  1201. //
  1202. // Date Author Comments
  1203. //
  1204. //////////////////////////////////////////////////////////////////////////////////////////
  1206. DWORD WINAPI
  1207. HandleDynamicShowAll(
  1208. IN LPCWSTR pwszMachine,
  1209. IN OUT LPWSTR *ppwcArguments,
  1210. IN DWORD dwCurrentIndex,
  1211. IN DWORD dwArgCount,
  1212. IN DWORD dwFlags,
  1213. IN LPCVOID pvData,
  1214. OUT BOOL *pbDone
  1215. )
  1216. {
  1217. DWORD dwReturn = ERROR_SHOW_USAGE,dwCount;
  1218. ADDR SrcAddr,DesAddr;
  1219. BOOL bResolveDNS = FALSE;
  1220. BOOL bSrcMask = FALSE;
  1221. BOOL bDstMask = FALSE;
  1223. SrcAddr.uIpAddr = 0xFFFFFFFF;
  1224. DesAddr.uIpAddr = 0xFFFFFFFF;
  1225. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  1226. DesAddr.AddrType = IP_ADDR_UNIQUE;
  1228. DWORD dwProtocol = 0xFFFFFFFF;
  1230. QM_FILTER_VALUE_BOOL QMBoolValue;
  1231. QMBoolValue.bSrcPort = FALSE;
  1232. QMBoolValue.bDstPort= FALSE;
  1233. QMBoolValue.bProtocol= FALSE;
  1234. QMBoolValue.bActionInbound = FALSE;
  1235. QMBoolValue.bActionOutbound= FALSE;
  1237. NshHashTable addressHash;
  1239. //
  1240. // To take care of PASS in test tool, as show is being tested only for parser output.
  1241. //
  1242. UpdateGetLastError(NULL);
  1244. const TAG_TYPE vcmdDynamicShowAll[] =
  1245. {
  1246. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  1247. };
  1248. const TOKEN_VALUE vtokDynamicShowAll[] =
  1249. {
  1250. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  1251. };
  1253. PARSER_PKT parser;
  1254. ZeroMemory(&parser, sizeof(parser));
  1256. if(dwArgCount == 3)
  1257. {
  1258. //if no argument specified print with default options
  1259. goto PRINT;
  1260. }
  1261. else if(dwArgCount < 3)
  1262. {
  1263. //
  1264. // Bail out as user has not given sufficient arguments.
  1265. //
  1266. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  1267. BAIL_OUT;
  1268. }
  1270. parser.ValidTok = vtokDynamicShowAll;
  1271. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowAll);
  1273. parser.ValidCmd = vcmdDynamicShowAll;
  1274. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowAll);
  1276. //
  1277. // Get the user input after parsing the data
  1278. //
  1279. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  1280. if(dwReturn != ERROR_SUCCESS)
  1281. {
  1282. if(dwReturn == RETURN_NO_ERROR)
  1283. {
  1284. dwReturn = ERROR_NO_DISPLAY;
  1285. BAIL_OUT;
  1286. }
  1287. else
  1288. {
  1289. dwReturn = ERROR_SHOW_USAGE;
  1290. BAIL_OUT;
  1291. }
  1292. }
  1293. //
  1294. // Check for user given tokens from the parser and copy into local variables
  1295. //
  1296. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  1297. {
  1298. switch(vtokDynamicShowAll[parser.Cmd[dwCount].dwCmdToken].dwValue)
  1299. {
  1300. case CMD_TOKEN_RESDNS :
  1301. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1302. {
  1303. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  1304. }
  1305. break;
  1306. default :
  1307. break;
  1308. }
  1309. }
  1311. PRINT:
  1312. // Show all GPO information
  1313. POLICY_INFO policyInfo;
  1314. ZeroMemory(&policyInfo, sizeof(POLICY_INFO));
  1315. policyInfo.dwLocation=IPSEC_REGISTRY_PROVIDER;
  1316. PGPO pGPO=new GPO;
  1317. if(pGPO==NULL)
  1318. {
  1319. PrintErrorMessage(WIN32_ERR,ERROR_OUTOFMEMORY,NULL);
  1320. dwReturn = ERROR_SUCCESS;
  1321. BAIL_OUT;
  1322. }
  1323. ZeroMemory(pGPO, sizeof(GPO));
  1324. ShowLocalGpoPolicy(policyInfo, pGPO);
  1326. //
  1327. // Show all mmpolicy details
  1328. //
  1329. dwReturn = ShowMMPolicy(NULL);
  1330. if(dwReturn != ERROR_SUCCESS)
  1331. {
  1332. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1333. }
  1335. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1337. //
  1338. // Show all qmpolicy details
  1339. //
  1340. dwReturn = ShowQMPolicy(NULL);
  1341. if(dwReturn != ERROR_SUCCESS)
  1342. {
  1343. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1344. }
  1346. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1348. //
  1349. // Show all generic mmfilter details
  1350. //
  1351. dwReturn = ShowMMFilters(NULL, TRUE, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask);
  1352. if(dwReturn != ERROR_SUCCESS)
  1353. {
  1354. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1355. }
  1357. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1359. //
  1360. // Show all specific mmfilter details
  1361. //
  1362. dwReturn = ShowMMFilters(NULL, FALSE, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask);
  1363. if(dwReturn != ERROR_SUCCESS)
  1364. {
  1365. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1366. }
  1368. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1370. //
  1371. // Show all generic qmfilter details
  1372. //
  1373. dwReturn = ShowQMFilters(NULL, TRUE, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QMBoolValue);
  1374. if(dwReturn != ERROR_SUCCESS)
  1375. {
  1376. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1377. }
  1379. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1381. //
  1382. // Show all specific qmfilter details
  1383. //
  1384. dwReturn = ShowQMFilters(NULL, FALSE, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QMBoolValue);
  1385. if(dwReturn != ERROR_SUCCESS)
  1386. {
  1387. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1388. }
  1390. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1392. //
  1393. // Show all main mode security associations
  1394. //
  1395. dwReturn = ShowMMSas(SrcAddr, DesAddr, FALSE, addressHash, bResolveDNS);
  1396. if(dwReturn != ERROR_SUCCESS)
  1397. {
  1398. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1399. }
  1401. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1403. //
  1404. // Show all quick mode security associations
  1405. //
  1406. dwReturn = ShowQMSas(SrcAddr,DesAddr, dwProtocol, addressHash, bResolveDNS);
  1407. if(dwReturn != ERROR_SUCCESS)
  1408. {
  1409. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1410. }
  1412. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1414. //
  1415. // Show all Ipsec related registry keys
  1416. //
  1417. dwReturn = ShowRegKeys();
  1418. if(dwReturn != ERROR_SUCCESS)
  1419. {
  1420. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1421. }
  1423. PrintMessageFromModule(g_hModule, DYNAMIC_SHOW_NEWLINE);
  1425. //
  1426. // Show all IPSec and IKE statistics
  1427. //
  1428. dwReturn = ShowStats(STATS_ALL);
  1429. if(dwReturn != ERROR_SUCCESS)
  1430. {
  1431. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1432. }
  1434. // all the errors have been displayed...
  1435. // as such send ERROR_SUCCESS to netsh
  1437. dwReturn = ERROR_SUCCESS;
  1438. error:
  1439. if(pGPO) // clean up the GPO structure
  1440. {
  1441. if(pGPO->pszGPODisplayName) delete [] pGPO->pszGPODisplayName;
  1442. if(pGPO->pszGPODNName) delete [] pGPO->pszGPODNName;
  1443. if(pGPO->pszPolicyName) delete [] pGPO->pszPolicyName;
  1444. if(pGPO->pszLocalPolicyName) delete [] pGPO->pszLocalPolicyName;
  1445. if(pGPO->pszPolicyDNName) delete [] pGPO->pszPolicyDNName;
  1446. if(pGPO->pszDomainName) delete [] pGPO->pszDomainName;
  1447. if(pGPO->pszDCName) delete [] pGPO->pszDCName;
  1448. if(pGPO->pszOULink) delete [] pGPO->pszOULink;
  1449. delete pGPO;
  1450. pGPO = NULL;
  1451. }
  1452. return dwReturn;
  1453. }
  1455. ///////////////////////////////////////////////////////////////////////////////////////////
  1456. //
  1457. // Function : HandleDynamicShowRegKeys
  1458. //
  1459. // Date of Creation: 9-23-2001
  1460. //
  1461. // Parameters :
  1462. // IN LPCWSTR pwszMachine,
  1463. // IN OUT LPWSTR *ppwcArguments,
  1464. // IN DWORD dwCurrentIndex,
  1465. // IN DWORD dwArgCount,
  1466. // IN DWORD dwFlags,
  1467. // IN LPCVOID pvData,
  1468. // OUT BOOL *pbDone
  1469. // Return : DWORD
  1470. //
  1471. // Description : Netshell Dynamic handle for show registry keys of ipsec driver.
  1472. //
  1473. // Revision History:
  1474. //
  1475. // Date Author Comments
  1476. //
  1477. //////////////////////////////////////////////////////////////////////////////////////////
  1478. DWORD WINAPI
  1479. HandleDynamicShowRegKeys(
  1480. IN LPCWSTR pwszMachine,
  1481. IN OUT LPWSTR *ppwcArguments,
  1482. IN DWORD dwCurrentIndex,
  1483. IN DWORD dwArgCount,
  1484. IN DWORD dwFlags,
  1485. IN LPCVOID pvData,
  1486. OUT BOOL *pbDone
  1487. )
  1488. {
  1489. DWORD dwReturn = ERROR_SHOW_USAGE;
  1491. //No errors should be displayed in test tool,
  1492. //as show commands are only tested for parser output.
  1493. UpdateGetLastError(NULL);
  1495. if(dwArgCount > 2)
  1496. {
  1497. dwReturn = ShowRegKeys();
  1498. }
  1499. else
  1500. {
  1501. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  1502. }
  1504. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  1505. {
  1506. //api errors
  1507. PrintErrorMessage(WIN32_ERR, dwReturn, ERRCODE_SHOW_REG_16);
  1508. dwReturn = ERROR_SUCCESS;
  1509. }
  1511. //already one error displayed.
  1512. if(dwReturn == ERROR_NO_DISPLAY)
  1513. {
  1514. dwReturn = ERROR_SUCCESS;
  1515. }
  1517. return dwReturn;
  1519. }
  1521. ///////////////////////////////////////////////////////////////////////////////////////////
  1522. //
  1523. // Function : HandleDynamicShowStats
  1524. //
  1525. // Date of Creation: 9-23-2001
  1526. //
  1527. // Parameters :
  1528. // IN LPCWSTR pwszMachine,
  1529. // IN OUT LPWSTR *ppwcArguments,
  1530. // IN DWORD dwCurrentIndex,
  1531. // IN DWORD dwArgCount,
  1532. // IN DWORD dwFlags,
  1533. // IN LPCVOID pvData,
  1534. // OUT BOOL *pbDone
  1535. // Return : DWORD
  1536. //
  1537. // Description : Netshell Dynamic handle for show statistics
  1538. //
  1539. // Revision History:
  1540. //
  1541. // Date Author Comments
  1542. //
  1543. //////////////////////////////////////////////////////////////////////////////////////////
  1545. DWORD WINAPI
  1546. HandleDynamicShowStats(
  1547. IN LPCWSTR pwszMachine,
  1548. IN OUT LPWSTR *ppwcArguments,
  1549. IN DWORD dwCurrentIndex,
  1550. IN DWORD dwArgCount,
  1551. IN DWORD dwFlags,
  1552. IN LPCVOID pvData,
  1553. OUT BOOL *pbDone
  1554. )
  1555. {
  1556. DWORD dwReturn = ERROR_SHOW_USAGE;
  1557. DWORD dwShow = STATS_ALL;
  1558. DWORD dwCount = 0;
  1559. const TAG_TYPE vcmdDynamicShowStatistics[] =
  1560. {
  1561. { CMD_TOKEN_STR_TYPE, NS_REQ_ZERO, FALSE }
  1562. };
  1563. const TOKEN_VALUE vtokDynamicShowStatistics[] =
  1564. {
  1565. { CMD_TOKEN_STR_TYPE, CMD_TOKEN_TYPE }
  1566. };
  1568. PARSER_PKT parser;
  1569. ZeroMemory(&parser, sizeof(parser));
  1571. if(dwArgCount == 3)
  1572. {
  1573. dwReturn = ShowStats(dwShow);
  1574. BAIL_OUT;
  1575. }
  1576. //
  1577. // Bail out as user has not given sufficient arguments.
  1578. //
  1579. else if(dwArgCount < 3)
  1580. {
  1581. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  1582. BAIL_OUT;
  1583. }
  1585. parser.ValidTok = vtokDynamicShowStatistics;
  1586. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowStatistics);
  1588. parser.ValidCmd = vcmdDynamicShowStatistics;
  1589. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowStatistics);
  1591. //
  1592. // Get the user input after parsing the data
  1593. //
  1594. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  1595. if(dwReturn != ERROR_SUCCESS)
  1596. {
  1597. if(dwReturn == RETURN_NO_ERROR)
  1598. {
  1599. dwReturn = ERROR_NO_DISPLAY;
  1600. BAIL_OUT;
  1601. }
  1602. else
  1603. {
  1604. dwReturn = ERROR_SHOW_USAGE;
  1605. BAIL_OUT;
  1606. }
  1607. }
  1608. //
  1609. // Check for user given tokens from the parser and copy into local variables
  1610. //
  1611. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  1612. {
  1613. switch(vtokDynamicShowStatistics[parser.Cmd[dwCount].dwCmdToken].dwValue)
  1614. {
  1615. case CMD_TOKEN_TYPE :
  1616. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1617. {
  1618. dwShow = *(DWORD *)parser.Cmd[dwCount].pArg;
  1619. }
  1620. break;
  1621. default :
  1622. break;
  1623. }
  1624. }
  1626. switch(dwShow)
  1627. {
  1628. case STATS_ALL:
  1629. case STATS_IKE:
  1630. case STATS_IPSEC:
  1631. dwReturn = ShowStats(dwShow);
  1632. break;
  1633. default:
  1634. PrintMessageFromModule(g_hModule, ERROR_PARSER_STATS);
  1635. dwReturn = ERROR_NO_DISPLAY;
  1636. BAIL_OUT;
  1637. break;
  1638. }
  1640. error:
  1641. if(dwArgCount > 3)
  1642. {
  1643. CleanUp();
  1644. }
  1646. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  1647. {
  1648. //api errors
  1649. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1650. dwReturn = ERROR_SUCCESS;
  1651. }
  1653. //already one error displayed.
  1654. if(dwReturn == ERROR_NO_DISPLAY)
  1655. {
  1656. dwReturn = ERROR_SUCCESS;
  1657. }
  1659. return dwReturn;
  1660. }
  1662. ///////////////////////////////////////////////////////////////////////////////////////////
  1663. //
  1664. // Function : HandleDynamicShowMMSas
  1665. //
  1666. // Date of Creation: 9-23-2001
  1667. //
  1668. // Parameters :
  1669. // IN LPCWSTR pwszMachine,
  1670. // IN OUT LPWSTR *ppwcArguments,
  1671. // IN DWORD dwCurrentIndex,
  1672. // IN DWORD dwArgCount,
  1673. // IN DWORD dwFlags,
  1674. // IN LPCVOID pvData,
  1675. // OUT BOOL *pbDone
  1676. // Return : DWORD
  1677. //
  1678. // Description : Netshell Dynamic handle for show main mode security associations
  1679. //
  1680. // Revision History:
  1681. //
  1682. // Date Author Comments
  1683. //
  1684. //////////////////////////////////////////////////////////////////////////////////////////
  1686. DWORD WINAPI
  1687. HandleDynamicShowMMSas(
  1688. IN LPCWSTR pwszMachine,
  1689. IN OUT LPWSTR *ppwcArguments,
  1690. IN DWORD dwCurrentIndex,
  1691. IN DWORD dwArgCount,
  1692. IN DWORD dwFlags,
  1693. IN LPCVOID pvData,
  1694. OUT BOOL *pbDone
  1695. )
  1696. {
  1697. DWORD dwReturn = ERROR_SHOW_USAGE;
  1698. DWORD dwCount = 0;
  1699. BOOL bFormat = FALSE;
  1700. BOOL bResolveDNS = FALSE;
  1701. ADDR SrcAddr,DesAddr;
  1703. NshHashTable addressHash;
  1705. //
  1706. // Default values
  1707. //
  1708. SrcAddr.uIpAddr = 0xFFFFFFFF;
  1709. DesAddr.uIpAddr = 0xFFFFFFFF;
  1710. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  1711. DesAddr.AddrType = IP_ADDR_UNIQUE;
  1713. const TAG_TYPE vcmdDynamicShowMMSAs[] =
  1714. {
  1715. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE },
  1716. { CMD_TOKEN_STR_SRCADDR, NS_REQ_ZERO, FALSE },
  1717. { CMD_TOKEN_STR_DSTADDR, NS_REQ_ZERO, FALSE },
  1718. { CMD_TOKEN_STR_FORMAT, NS_REQ_ZERO, FALSE },
  1719. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  1720. };
  1722. const TOKEN_VALUE vtokDynamicShowMMSAs[] =
  1723. {
  1724. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL },
  1725. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  1726. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  1727. { CMD_TOKEN_STR_FORMAT, CMD_TOKEN_FORMAT },
  1728. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  1729. };
  1731. PARSER_PKT parser;
  1732. ZeroMemory(&parser, sizeof(parser));
  1734. if(dwArgCount == 3)
  1735. {
  1736. //
  1737. // all the records are to be displayed
  1738. //
  1739. dwReturn = ShowMMSas(SrcAddr, DesAddr, bFormat, addressHash, bResolveDNS);
  1740. BAIL_OUT;
  1741. }
  1742. //
  1743. // Bail out as user has not given sufficient arguments.
  1744. //
  1745. else if(dwArgCount < 3)
  1746. {
  1747. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  1748. BAIL_OUT;
  1749. }
  1751. parser.ValidTok = vtokDynamicShowMMSAs;
  1752. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowMMSAs);
  1754. parser.ValidCmd = vcmdDynamicShowMMSAs;
  1755. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowMMSAs);
  1757. //
  1758. // Get the user input after parsing the data
  1759. //
  1760. dwReturn = Parser(pwszMachine, ppwcArguments, dwCurrentIndex, dwArgCount, &parser);
  1762. if(dwReturn != ERROR_SUCCESS)
  1763. {
  1764. if(dwReturn == RETURN_NO_ERROR)
  1765. {
  1766. dwReturn = ERROR_NO_DISPLAY;
  1767. BAIL_OUT;
  1768. }
  1769. else
  1770. {
  1771. dwReturn = ERROR_SHOW_USAGE;
  1772. BAIL_OUT;
  1773. }
  1774. }
  1775. //
  1776. // Check for user given tokens from the parser and copy into local variables
  1777. //
  1778. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  1779. {
  1780. switch(vtokDynamicShowMMSAs[parser.Cmd[dwCount].dwCmdToken].dwValue)
  1781. {
  1782. case CMD_TOKEN_ALL :
  1783. break;
  1784. case CMD_TOKEN_RESDNS :
  1785. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1786. {
  1787. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  1788. }
  1789. break;
  1790. case CMD_TOKEN_SRCADDR :
  1791. if (parser.Cmd[dwCount].dwStatus)
  1792. {
  1793. //
  1794. // special servers id is available in dwStatus
  1795. //
  1796. switch(parser.Cmd[dwCount].dwStatus)
  1797. {
  1798. case SERVER_WINS:
  1799. SrcAddr.AddrType = IP_ADDR_WINS_SERVER;
  1800. break;
  1801. case SERVER_DHCP:
  1802. SrcAddr.AddrType = IP_ADDR_DHCP_SERVER;
  1803. break;
  1804. case SERVER_DNS:
  1805. SrcAddr.AddrType = IP_ADDR_DNS_SERVER;
  1806. break;
  1807. case SERVER_GATEWAY:
  1808. SrcAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  1809. break;
  1810. case IP_ME:
  1811. case IP_ANY:
  1812. AddSplAddr(SrcAddr, parser.Cmd[dwCount].dwStatus);
  1813. break;
  1814. case NOT_SPLSERVER:
  1815. //
  1816. // If it is not special server get the user given IP address
  1817. //
  1818. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  1819. break;
  1820. default:
  1821. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  1822. dwReturn = ERROR_NO_DISPLAY;
  1823. BAIL_OUT;
  1824. break;
  1825. }
  1826. }
  1827. break;
  1828. case CMD_TOKEN_DSTADDR :
  1829. if (parser.Cmd[dwCount].dwStatus)
  1830. {
  1831. //
  1832. // Special servers id is available in dwStatus
  1833. //
  1834. switch(parser.Cmd[dwCount].dwStatus)
  1835. {
  1836. case SERVER_WINS:
  1837. DesAddr.AddrType = IP_ADDR_WINS_SERVER;
  1838. break;
  1839. case SERVER_DHCP:
  1840. DesAddr.AddrType = IP_ADDR_DHCP_SERVER;
  1841. break;
  1842. case SERVER_DNS:
  1843. DesAddr.AddrType = IP_ADDR_DNS_SERVER;
  1844. break;
  1845. case SERVER_GATEWAY:
  1846. DesAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  1847. break;
  1848. case IP_ME:
  1849. case IP_ANY:
  1850. AddSplAddr(DesAddr, parser.Cmd[dwCount].dwStatus);
  1851. break;
  1852. case NOT_SPLSERVER:
  1853. //
  1854. // If it is not special server get the user given IP address
  1855. //
  1856. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  1857. break;
  1858. default:
  1859. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  1860. dwReturn = ERROR_NO_DISPLAY;
  1861. BAIL_OUT;
  1862. break;
  1863. }
  1864. }
  1865. break;
  1866. case CMD_TOKEN_FORMAT :
  1867. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  1868. {
  1869. bFormat = *(BOOL *)parser.Cmd[dwCount].pArg;
  1870. }
  1871. break;
  1872. default :
  1873. break;
  1874. }
  1875. }
  1877. dwReturn = ShowMMSas(SrcAddr, DesAddr, bFormat, addressHash, bResolveDNS);
  1879. error:
  1881. if(dwArgCount > 3)
  1882. {
  1883. CleanUp();
  1884. }
  1886. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  1887. {
  1888. //api errors
  1889. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  1890. dwReturn = ERROR_SUCCESS;
  1891. }
  1893. //already one error displayed.
  1894. if(dwReturn == ERROR_NO_DISPLAY)
  1895. {
  1896. dwReturn = ERROR_SUCCESS;
  1897. }
  1899. return dwReturn;
  1900. }
  1902. ///////////////////////////////////////////////////////////////////////////////////////////
  1903. //
  1904. //Function: HandleDynamicShowQMSas
  1905. //
  1906. //Date of Creation: 9-23-2001
  1907. //
  1908. //Parameters:
  1909. // IN LPCWSTR pwszMachine,
  1910. // IN OUT LPWSTR *ppwcArguments,
  1911. // IN DWORD dwCurrentIndex,
  1912. // IN DWORD dwArgCount,
  1913. // IN DWORD dwFlags,
  1914. // IN LPCVOID pvData,
  1915. // OUT BOOL *pbDone
  1916. //Return: DWORD
  1917. //
  1918. //Description: Netshell Dynamic handle for show quick mode security associations.
  1919. //
  1920. //Revision History:
  1921. //
  1922. // Date Author Comments
  1923. //
  1924. //////////////////////////////////////////////////////////////////////////////////////////
  1925. DWORD WINAPI
  1926. HandleDynamicShowQMSas(
  1927. IN LPCWSTR pwszMachine,
  1928. IN OUT LPWSTR *ppwcArguments,
  1929. IN DWORD dwCurrentIndex,
  1930. IN DWORD dwArgCount,
  1931. IN DWORD dwFlags,
  1932. IN LPCVOID pvData,
  1933. OUT BOOL *pbDone
  1934. )
  1935. {
  1936. DWORD dwReturn = ERROR_SHOW_USAGE;
  1937. DWORD dwCount = 0;
  1938. BOOL bFormat = FALSE;
  1939. BOOL bResolveDNS = FALSE;
  1940. ADDR SrcAddr,DesAddr;
  1942. //
  1943. // Default values
  1944. //
  1945. SrcAddr.uIpAddr = 0xFFFFFFFF;
  1946. DesAddr.uIpAddr = 0xFFFFFFFF;
  1947. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  1948. DesAddr.AddrType = IP_ADDR_UNIQUE;
  1949. SrcAddr.uSubNetMask = 0x55555555;
  1950. DesAddr.uSubNetMask = 0x55555555;
  1952. DWORD dwProtocol = 0xFFFFFFFF;
  1954. NshHashTable addressHash;
  1956. const TAG_TYPE vcmdDynamicShowQMSAs[] =
  1957. {
  1958. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE },
  1959. { CMD_TOKEN_STR_SRCADDR, NS_REQ_ZERO, FALSE },
  1960. { CMD_TOKEN_STR_DSTADDR, NS_REQ_ZERO, FALSE },
  1961. { CMD_TOKEN_STR_PROTO, NS_REQ_ZERO, FALSE },
  1962. { CMD_TOKEN_STR_FORMAT, NS_REQ_ZERO, FALSE },
  1963. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  1964. };
  1966. const TOKEN_VALUE vtokDynamicShowQMSAs[] =
  1967. {
  1968. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL },
  1969. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  1970. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  1971. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  1972. { CMD_TOKEN_STR_FORMAT, CMD_TOKEN_FORMAT },
  1973. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  1974. };
  1976. PARSER_PKT parser;
  1977. ZeroMemory(&parser, sizeof(parser));
  1979. parser.ValidTok = vtokDynamicShowQMSAs;
  1980. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowQMSAs);
  1982. parser.ValidCmd = vcmdDynamicShowQMSAs;
  1983. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowQMSAs);
  1985. //
  1986. // Get the user input after parsing the data
  1987. //
  1988. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  1990. if(dwReturn != ERROR_SUCCESS)
  1991. {
  1992. if(dwReturn == RETURN_NO_ERROR)
  1993. {
  1994. dwReturn = ERROR_NO_DISPLAY;
  1995. BAIL_OUT;
  1996. }
  1997. else
  1998. {
  1999. dwReturn = ERROR_SHOW_USAGE;
  2000. BAIL_OUT;
  2001. }
  2002. }
  2004. //
  2005. // Check for user given tokens from the parser and copy into local variables
  2006. //
  2007. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  2008. {
  2009. switch(vtokDynamicShowQMSAs[parser.Cmd[dwCount].dwCmdToken].dwValue)
  2010. {
  2011. case CMD_TOKEN_ALL :
  2012. break;
  2013. case CMD_TOKEN_SRCADDR :
  2014. if (parser.Cmd[dwCount].dwStatus)
  2015. {
  2016. //
  2017. // Special servers id is available in dwStatus
  2018. //
  2019. switch(parser.Cmd[dwCount].dwStatus)
  2020. {
  2021. case SERVER_WINS:
  2022. SrcAddr.AddrType = IP_ADDR_WINS_SERVER;
  2023. break;
  2024. case SERVER_DHCP:
  2025. SrcAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2026. break;
  2027. case SERVER_DNS:
  2028. SrcAddr.AddrType = IP_ADDR_DNS_SERVER;
  2029. break;
  2030. case SERVER_GATEWAY:
  2031. SrcAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2032. break;
  2033. case IP_ME:
  2034. case IP_ANY:
  2035. AddSplAddr(SrcAddr, parser.Cmd[dwCount].dwStatus);
  2036. break;
  2037. case NOT_SPLSERVER:
  2038. //
  2039. // If it is not special server get the user given IP address
  2040. //
  2041. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2042. break;
  2043. default:
  2044. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  2045. dwReturn = ERROR_NO_DISPLAY;
  2046. BAIL_OUT;
  2047. break;
  2048. }
  2049. }
  2050. break;
  2051. case CMD_TOKEN_DSTADDR :
  2052. if (parser.Cmd[dwCount].dwStatus)
  2053. {
  2054. //
  2055. // Special servers id is available in dwStatus
  2056. //
  2057. switch(parser.Cmd[dwCount].dwStatus)
  2058. {
  2059. case SERVER_WINS:
  2060. DesAddr.AddrType = IP_ADDR_WINS_SERVER;
  2061. break;
  2062. case SERVER_DHCP:
  2063. DesAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2064. break;
  2065. case SERVER_DNS:
  2066. DesAddr.AddrType = IP_ADDR_DNS_SERVER;
  2067. break;
  2068. case SERVER_GATEWAY:
  2069. DesAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2070. break;
  2071. case IP_ME:
  2072. case IP_ANY:
  2073. AddSplAddr(DesAddr, parser.Cmd[dwCount].dwStatus);
  2074. break;
  2075. case NOT_SPLSERVER:
  2076. //
  2077. // If it is not special server get the user given IP address
  2078. //
  2079. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2080. break;
  2081. default:
  2082. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  2083. dwReturn = ERROR_NO_DISPLAY;
  2084. BAIL_OUT;
  2085. break;
  2086. }
  2087. }
  2088. break;
  2090. case CMD_TOKEN_PROTO :
  2091. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2092. {
  2093. dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  2094. }
  2095. break;
  2096. case CMD_TOKEN_FORMAT :
  2097. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2098. {
  2099. bFormat = *(BOOL *)parser.Cmd[dwCount].pArg;
  2100. }
  2101. break;
  2102. case CMD_TOKEN_RESDNS :
  2103. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2104. {
  2105. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  2106. }
  2107. break;
  2108. default :
  2109. break;
  2110. }
  2111. }
  2113. dwReturn = ShowQMSas(SrcAddr, DesAddr, dwProtocol, addressHash, bResolveDNS);
  2115. error:
  2116. if(dwArgCount > 3)
  2117. {
  2118. CleanUp();
  2119. }
  2121. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  2122. {
  2123. //api errors
  2124. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  2125. dwReturn = ERROR_SUCCESS;
  2126. }
  2128. //already one error displayed.
  2129. if(dwReturn == ERROR_NO_DISPLAY)
  2130. {
  2131. dwReturn = ERROR_SUCCESS;
  2132. }
  2134. return dwReturn;
  2135. }
  2138. ///////////////////////////////////////////////////////////////////////////////////////////
  2139. //
  2140. // Function : HandleDynamicShowMMPolicy
  2141. //
  2142. // Date of Creation: 9-23-2001
  2143. //
  2144. // Parameters :
  2145. // IN LPCWSTR pwszMachine,
  2146. // IN OUT LPWSTR *ppwcArguments,
  2147. // IN DWORD dwCurrentIndex,
  2148. // IN DWORD dwArgCount,
  2149. // IN DWORD dwFlags,
  2150. // IN LPCVOID pvData,
  2151. // OUT BOOL *pbDone
  2152. // Return : DWORD
  2153. //
  2154. // Description : Netshell Dynamic handle for show main mode policy.
  2155. //
  2156. // Revision History:
  2157. //
  2158. // Date Author Comments
  2159. //
  2160. //////////////////////////////////////////////////////////////////////////////////////////
  2162. DWORD WINAPI
  2163. HandleDynamicShowMMPolicy(
  2164. IN LPCWSTR pwszMachine,
  2165. IN OUT LPWSTR *ppwcArguments,
  2166. IN DWORD dwCurrentIndex,
  2167. IN DWORD dwArgCount,
  2168. IN DWORD dwFlags,
  2169. IN LPCVOID pvData,
  2170. OUT BOOL *pbDone
  2171. )
  2172. {
  2173. DWORD dwReturn = ERROR_SHOW_USAGE;
  2174. DWORD dwCount = 0;
  2175. DWORD dwNameLen = 0;
  2176. LPTSTR pszPolicyName = NULL;
  2177. BOOL bAll = FALSE;
  2178. const TAG_TYPE vcmdDynamicShowMMPolicy[] =
  2179. {
  2180. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  2181. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE }
  2182. };
  2184. const TOKEN_VALUE vtokDynamicShowMMPolicy[] =
  2185. {
  2186. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  2187. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL }
  2188. };
  2190. PARSER_PKT parser;
  2191. ZeroMemory(&parser, sizeof(parser));
  2193. //
  2194. // Bail out as user has not given sufficient arguments.
  2195. //
  2196. if(dwArgCount <= 3)
  2197. {
  2198. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  2199. BAIL_OUT;
  2200. }
  2202. parser.ValidTok = vtokDynamicShowMMPolicy;
  2203. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowMMPolicy);
  2205. parser.ValidCmd = vcmdDynamicShowMMPolicy;
  2206. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowMMPolicy);
  2208. //
  2209. // Get the user input after parsing the data
  2210. //
  2211. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  2213. if(dwReturn != ERROR_SUCCESS)
  2214. {
  2215. if(dwReturn == RETURN_NO_ERROR)
  2216. {
  2217. dwReturn = ERROR_NO_DISPLAY;
  2218. BAIL_OUT;
  2219. }
  2220. else
  2221. {
  2222. dwReturn = ERROR_SHOW_USAGE;
  2223. BAIL_OUT;
  2224. }
  2225. }
  2227. //
  2228. // Check for user given tokens from the parser and copy into local variables
  2229. //
  2230. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  2231. {
  2232. switch(vtokDynamicShowMMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  2233. {
  2234. case CMD_TOKEN_NAME :
  2235. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2236. {
  2237. if((LPTSTR)parser.Cmd[dwCount].pArg != NULL)
  2238. {
  2239. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  2240. pszPolicyName = new _TCHAR[dwNameLen];
  2241. if(pszPolicyName == NULL)
  2242. {
  2243. dwReturn = ERROR_OUTOFMEMORY;
  2244. BAIL_OUT;
  2245. }
  2246. _tcsncpy(pszPolicyName, (PTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  2247. }
  2248. }
  2249. break;
  2250. case CMD_TOKEN_ALL :
  2251. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2252. {
  2253. bAll = *(BOOL *)parser.Cmd[dwCount].pArg;
  2254. }
  2255. break;
  2256. default:
  2257. break;
  2258. }
  2259. }
  2261. dwReturn = ShowMMPolicy(pszPolicyName);
  2263. error:
  2265. if(dwArgCount > 3)
  2266. {
  2267. CleanUp();
  2268. }
  2269. if(pszPolicyName)
  2270. {
  2271. delete [] pszPolicyName;
  2272. }
  2274. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  2275. {
  2276. //api errors
  2277. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  2278. dwReturn = ERROR_SUCCESS;
  2279. }
  2281. //already one error displayed.
  2282. if(dwReturn == ERROR_NO_DISPLAY)
  2283. {
  2284. dwReturn = ERROR_SUCCESS;
  2285. }
  2287. return dwReturn;
  2288. }
  2290. ///////////////////////////////////////////////////////////////////////////////////////////
  2291. //
  2292. // Function : HandleDynamicShowQMPolicy
  2293. //
  2294. // Date of Creation: 9-23-2001
  2295. //
  2296. // Parameters :
  2297. // IN LPCWSTR pwszMachine,
  2298. // IN OUT LPWSTR *ppwcArguments,
  2299. // IN DWORD dwCurrentIndex,
  2300. // IN DWORD dwArgCount,
  2301. // IN DWORD dwFlags,
  2302. // IN LPCVOID pvData,
  2303. // OUT BOOL *pbDone
  2304. // Return : DWORD
  2305. //
  2306. // Description : Netshell Dynamic handle for show quick mode policy
  2307. //
  2308. // Revision History:
  2309. //
  2310. // Date Author Comments
  2311. //
  2312. //////////////////////////////////////////////////////////////////////////////////////////
  2315. DWORD WINAPI
  2316. HandleDynamicShowQMPolicy(
  2317. IN LPCWSTR pwszMachine,
  2318. IN OUT LPWSTR *ppwcArguments,
  2319. IN DWORD dwCurrentIndex,
  2320. IN DWORD dwArgCount,
  2321. IN DWORD dwFlags,
  2322. IN LPCVOID pvData,
  2323. OUT BOOL *pbDone
  2324. )
  2325. {
  2326. DWORD dwReturn = ERROR_SHOW_USAGE;
  2327. DWORD dwNameLen = 0;
  2328. DWORD dwCount = 0;
  2329. LPTSTR pszPolicyName = NULL;
  2330. BOOL bAll = FALSE;
  2331. const TAG_TYPE vcmdDynamicShowQMPolicy[] =
  2332. {
  2333. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  2334. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE }
  2335. };
  2337. const TOKEN_VALUE vtokDynamicShowQMPolicy[] =
  2338. {
  2339. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  2340. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL }
  2341. };
  2343. PARSER_PKT parser;
  2344. ZeroMemory(&parser, sizeof(parser));
  2346. //
  2347. // Bail out as user has not given sufficient arguments.
  2348. //
  2349. if(dwArgCount <= 3)
  2350. {
  2351. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  2352. BAIL_OUT;
  2353. }
  2355. parser.ValidTok = vtokDynamicShowQMPolicy;
  2356. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowQMPolicy);
  2358. parser.ValidCmd = vcmdDynamicShowQMPolicy;
  2359. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowQMPolicy);
  2361. //
  2362. // Get the user input after parsing the data
  2363. //
  2364. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  2366. if(dwReturn != ERROR_SUCCESS)
  2367. {
  2368. if(dwReturn == RETURN_NO_ERROR)
  2369. {
  2370. dwReturn = ERROR_NO_DISPLAY;
  2371. BAIL_OUT;
  2372. }
  2373. else
  2374. {
  2375. dwReturn = ERROR_SHOW_USAGE;
  2376. BAIL_OUT;
  2377. }
  2378. }
  2380. //
  2381. // Check for user given tokens from the parser and copy into local variables
  2382. //
  2383. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  2384. {
  2385. switch(vtokDynamicShowQMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  2386. {
  2387. case CMD_TOKEN_NAME:
  2388. //
  2389. // Dynamic variables initialization
  2390. //
  2391. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2392. {
  2393. if((LPTSTR)parser.Cmd[dwCount].pArg != NULL)
  2394. {
  2395. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  2396. pszPolicyName = new _TCHAR[dwNameLen];
  2397. if(pszPolicyName == NULL)
  2398. {
  2399. dwReturn = ERROR_OUTOFMEMORY;
  2400. BAIL_OUT;
  2401. }
  2402. _tcsncpy(pszPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  2403. }
  2404. }
  2405. break;
  2407. case CMD_TOKEN_ALL :
  2408. //
  2409. // Dynamic variables initialization
  2410. //
  2411. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2412. {
  2413. bAll = *(BOOL *)parser.Cmd[dwCount].pArg;
  2414. }
  2415. break;
  2416. default:
  2417. break;
  2418. }
  2419. }
  2421. dwReturn = ShowQMPolicy(pszPolicyName);
  2423. error:
  2424. if(dwArgCount > 3)
  2425. {
  2426. CleanUp();
  2427. }
  2429. if(pszPolicyName)
  2430. {
  2431. delete [] pszPolicyName;
  2432. }
  2434. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  2435. {
  2436. //api errors
  2437. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  2438. dwReturn = ERROR_SUCCESS;
  2439. }
  2441. //already one error displayed.
  2442. if(dwReturn == ERROR_NO_DISPLAY)
  2443. {
  2444. dwReturn = ERROR_SUCCESS;
  2445. }
  2447. return dwReturn;
  2448. }
  2450. ///////////////////////////////////////////////////////////////////////////////////////////
  2451. //
  2452. // Function : HandleDynamicShowMMFilter
  2453. //
  2454. // Date of Creation: 9-23-2001
  2455. //
  2456. // Parameters :
  2457. // IN LPCWSTR pwszMachine,
  2458. // IN OUT LPWSTR *ppwcArguments,
  2459. // IN DWORD dwCurrentIndex,
  2460. // IN DWORD dwArgCount,
  2461. // IN DWORD dwFlags,
  2462. // IN LPCVOID pvData,
  2463. // OUT BOOL *pbDone
  2464. // Return : DWORD
  2465. //
  2466. // Description : Netshell Dynamic handle for show main mode filter.
  2467. //
  2468. // Revision History:
  2469. //
  2470. // Date Author Comments
  2471. //
  2472. //////////////////////////////////////////////////////////////////////////////////////////
  2474. DWORD WINAPI
  2475. HandleDynamicShowMMFilter(
  2476. IN LPCWSTR pwszMachine,
  2477. IN OUT LPWSTR *ppwcArguments,
  2478. IN DWORD dwCurrentIndex,
  2479. IN DWORD dwArgCount,
  2480. IN DWORD dwFlags,
  2481. IN LPCVOID pvData,
  2482. OUT BOOL *pbDone
  2483. )
  2484. {
  2485. DWORD dwReturn = ERROR_SHOW_USAGE;
  2486. DWORD dwCount = 0;
  2487. DWORD dwNameLen = 0;
  2488. LPTSTR pszFilterName = NULL;
  2489. LPTSTR pszPolicyName = NULL;
  2490. BOOL bAll = FALSE;
  2491. BOOL bType = TRUE;
  2492. DWORD dwType = FILTER_GENERIC; //default initialization to GENERIC,
  2493. BOOL bResolveDNS = FALSE;
  2494. ADDR DesAddr, SrcAddr;
  2495. BOOL bSrcMask = FALSE;
  2496. BOOL bDstMask = FALSE;
  2498. NshHashTable addressHash;
  2500. const TAG_TYPE vcmdDynamicShowMMFilter[] =
  2501. {
  2502. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  2503. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE },
  2504. { CMD_TOKEN_STR_TYPE, NS_REQ_ZERO, FALSE },
  2505. { CMD_TOKEN_STR_SRCADDR, NS_REQ_ZERO, FALSE },
  2506. { CMD_TOKEN_STR_DSTADDR, NS_REQ_ZERO, FALSE },
  2507. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  2508. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  2509. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  2510. };
  2511. const TOKEN_VALUE vtokDynamicShowMMFilter[] =
  2512. {
  2513. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  2514. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL },
  2515. { CMD_TOKEN_STR_TYPE, CMD_TOKEN_TYPE },
  2516. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  2517. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  2518. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  2519. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  2520. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  2521. };
  2523. PARSER_PKT parser;
  2524. ZeroMemory(&parser, sizeof(parser));
  2526. //
  2527. // Bail out as user has not given sufficient arguments.
  2528. //
  2529. if(dwArgCount <= 3)
  2530. {
  2531. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  2532. BAIL_OUT;
  2533. }
  2535. SrcAddr.uIpAddr = 0xFFFFFFFF;
  2536. DesAddr.uIpAddr = 0xFFFFFFFF;
  2537. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  2538. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  2539. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  2540. DesAddr.AddrType = IP_ADDR_UNIQUE;
  2542. parser.ValidTok = vtokDynamicShowMMFilter;
  2543. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowMMFilter);
  2545. parser.ValidCmd = vcmdDynamicShowMMFilter;
  2546. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowMMFilter);
  2548. //
  2549. // Get the user input after parsing the data
  2550. //
  2551. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  2553. if(dwReturn != ERROR_SUCCESS)
  2554. {
  2555. if(dwReturn == RETURN_NO_ERROR)
  2556. {
  2557. dwReturn = ERROR_NO_DISPLAY;
  2558. BAIL_OUT;
  2559. }
  2560. else
  2561. {
  2562. dwReturn = ERROR_SHOW_USAGE;
  2563. BAIL_OUT;
  2564. }
  2565. }
  2567. //
  2568. // Check for user given tokens from the parser and copy into local variables
  2569. //
  2570. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  2571. {
  2572. switch(vtokDynamicShowMMFilter[parser.Cmd[dwCount].dwCmdToken].dwValue)
  2573. {
  2574. case CMD_TOKEN_NAME :
  2575. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2576. {
  2577. if((LPTSTR)parser.Cmd[dwCount].pArg != NULL)
  2578. {
  2579. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  2580. pszFilterName = new _TCHAR[dwNameLen];
  2581. if(pszFilterName == NULL)
  2582. {
  2583. dwReturn = ERROR_OUTOFMEMORY;
  2584. BAIL_OUT;
  2585. }
  2586. _tcsncpy(pszFilterName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  2587. }
  2588. }
  2589. break;
  2590. case CMD_TOKEN_ALL :
  2591. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2592. {
  2593. bAll = *(BOOL *)parser.Cmd[dwCount].pArg;
  2594. }
  2595. break;
  2596. case CMD_TOKEN_TYPE :
  2597. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2598. {
  2599. dwType = *(DWORD *)parser.Cmd[dwCount].pArg;
  2600. if(dwType == FILTER_GENERIC)
  2601. {
  2602. bType = TRUE;
  2603. }
  2604. else if(dwType == FILTER_SPECIFIC)
  2605. {
  2606. bType = FALSE;
  2607. }
  2608. }
  2609. break;
  2610. case CMD_TOKEN_SRCADDR :
  2611. if (parser.Cmd[dwCount].dwStatus)
  2612. {
  2613. //
  2614. // special servers id is available in dwStatus
  2615. //
  2616. switch(parser.Cmd[dwCount].dwStatus)
  2617. {
  2618. case SERVER_WINS:
  2619. SrcAddr.AddrType = IP_ADDR_WINS_SERVER;
  2620. break;
  2621. case SERVER_DHCP:
  2622. SrcAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2623. break;
  2624. case SERVER_DNS:
  2625. SrcAddr.AddrType = IP_ADDR_DNS_SERVER;
  2626. break;
  2627. case SERVER_GATEWAY:
  2628. SrcAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2629. break;
  2630. case IP_ME:
  2631. case IP_ANY:
  2632. AddSplAddr(SrcAddr, parser.Cmd[dwCount].dwStatus);
  2633. bSrcMask = TRUE;
  2634. break;
  2635. case NOT_SPLSERVER:
  2636. //
  2637. // if it is not special server get the user given IP address
  2638. //
  2639. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2640. break;
  2641. default:
  2642. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  2643. dwReturn = ERROR_NO_DISPLAY;
  2644. BAIL_OUT;
  2645. break;
  2646. }
  2647. }
  2648. break;
  2649. case CMD_TOKEN_SRCMASK :
  2650. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2651. {
  2652. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2653. bSrcMask = TRUE;
  2654. }
  2655. break;
  2656. case CMD_TOKEN_DSTADDR :
  2657. if (parser.Cmd[dwCount].dwStatus)
  2658. {
  2659. // special servers id is available in dwStatus
  2660. switch(parser.Cmd[dwCount].dwStatus)
  2661. {
  2662. case SERVER_WINS:
  2663. DesAddr.AddrType = IP_ADDR_WINS_SERVER;
  2664. break;
  2665. case SERVER_DHCP:
  2666. DesAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2667. break;
  2668. case SERVER_DNS:
  2669. DesAddr.AddrType = IP_ADDR_DNS_SERVER;
  2670. break;
  2671. case SERVER_GATEWAY:
  2672. DesAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2673. break;
  2674. case IP_ME:
  2675. case IP_ANY:
  2676. AddSplAddr(DesAddr, parser.Cmd[dwCount].dwStatus);
  2677. bDstMask = TRUE;
  2678. break;
  2679. case NOT_SPLSERVER:
  2680. //
  2681. // if it is not special server get the user given IP address
  2682. //
  2683. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2684. break;
  2685. default:
  2686. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  2687. dwReturn = ERROR_NO_DISPLAY;
  2688. BAIL_OUT;
  2689. break;
  2690. }
  2691. }
  2692. break;
  2693. case CMD_TOKEN_DSTMASK :
  2694. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2695. {
  2696. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2697. bDstMask = TRUE;
  2698. }
  2699. break;
  2700. case CMD_TOKEN_RESDNS :
  2701. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2702. {
  2703. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  2704. }
  2705. break;
  2706. default:
  2707. break;
  2708. }
  2709. }
  2710. //
  2711. // if name is NULL then all the filters are displayed.
  2712. //
  2713. dwReturn = ShowMMFilters(pszFilterName, bType, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask);
  2715. error:
  2716. if(dwArgCount > 3)
  2717. {
  2718. CleanUp();
  2719. }
  2721. if(pszFilterName)
  2722. {
  2723. delete [] pszFilterName;
  2724. }
  2725. if(pszPolicyName)
  2726. {
  2727. delete [] pszPolicyName;
  2728. }
  2730. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  2731. {
  2732. //api errors
  2733. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  2734. dwReturn = ERROR_SUCCESS;
  2735. }
  2737. //already one error displayed.
  2738. if(dwReturn == ERROR_NO_DISPLAY)
  2739. {
  2740. dwReturn = ERROR_SUCCESS;
  2741. }
  2743. return dwReturn;
  2744. }
  2746. ///////////////////////////////////////////////////////////////////////////////////////////
  2747. //
  2748. // Function : HandleDynamicShowQMFilter
  2749. //
  2750. // Date of Creation: 9-23-2001
  2751. //
  2752. // Parameters :
  2753. // IN LPCWSTR pwszMachine,
  2754. // IN OUT LPWSTR *ppwcArguments,
  2755. // IN DWORD dwCurrentIndex,
  2756. // IN DWORD dwArgCount,
  2757. // IN DWORD dwFlags,
  2758. // IN LPCVOID pvData,
  2759. // OUT BOOL *pbDone
  2760. // Return : DWORD
  2761. //
  2762. // Description : Netshell Dynamic handle for quick mode filter.
  2763. //
  2764. // Revision History:
  2765. //
  2766. // Date Author Comments
  2767. //
  2768. //////////////////////////////////////////////////////////////////////////////////////////
  2770. DWORD WINAPI
  2771. HandleDynamicShowQMFilter(
  2772. IN LPCWSTR pwszMachine,
  2773. IN OUT LPWSTR *ppwcArguments,
  2774. IN DWORD dwCurrentIndex,
  2775. IN DWORD dwArgCount,
  2776. IN DWORD dwFlags,
  2777. IN LPCVOID pvData,
  2778. OUT BOOL *pbDone
  2779. )
  2780. {
  2781. DWORD dwReturn = ERROR_SHOW_USAGE;
  2782. DWORD dwCount = 0;
  2783. DWORD dwNameLen = 0;
  2784. LPTSTR pszFilterName = NULL;
  2785. BOOL bAll = FALSE;
  2786. BOOL bType = TRUE;
  2787. DWORD dwType = FILTER_GENERIC; // Default initialization to GENERIC
  2789. BOOL bResolveDNS = FALSE;
  2790. ADDR DesAddr, SrcAddr;
  2791. BOOL bSrcMask = FALSE;
  2792. BOOL bDstMask = FALSE;
  2793. QM_FILTER_VALUE_BOOL QmBoolValue;
  2795. NshHashTable addressHash;
  2797. const TAG_TYPE vcmdDynamicShowQMFilter[] =
  2798. {
  2799. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  2800. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE },
  2801. { CMD_TOKEN_STR_TYPE, NS_REQ_ZERO, FALSE },
  2802. { CMD_TOKEN_STR_SRCADDR, NS_REQ_ZERO, FALSE },
  2803. { CMD_TOKEN_STR_DSTADDR, NS_REQ_ZERO, FALSE },
  2804. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  2805. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  2806. { CMD_TOKEN_STR_PROTO, NS_REQ_ZERO, FALSE },
  2807. { CMD_TOKEN_STR_SRCPORT, NS_REQ_ZERO, FALSE },
  2808. { CMD_TOKEN_STR_DSTPORT, NS_REQ_ZERO, FALSE },
  2809. { CMD_TOKEN_STR_INBOUND, NS_REQ_ZERO, FALSE },
  2810. { CMD_TOKEN_STR_OUTBOUND, NS_REQ_ZERO, FALSE },
  2811. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  2812. };
  2814. const TOKEN_VALUE vtokDynamicShowQMFilter[] =
  2815. {
  2816. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  2817. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL },
  2818. { CMD_TOKEN_STR_TYPE, CMD_TOKEN_TYPE },
  2819. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  2820. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  2821. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  2822. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  2823. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  2824. { CMD_TOKEN_STR_SRCPORT, CMD_TOKEN_SRCPORT },
  2825. { CMD_TOKEN_STR_DSTPORT, CMD_TOKEN_DSTPORT },
  2826. { CMD_TOKEN_STR_INBOUND, CMD_TOKEN_INBOUND },
  2827. { CMD_TOKEN_STR_OUTBOUND, CMD_TOKEN_OUTBOUND },
  2828. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  2829. };
  2831. PARSER_PKT parser;
  2832. ZeroMemory(&parser, sizeof(parser));
  2834. QmBoolValue.bSrcPort = FALSE;
  2835. QmBoolValue.bDstPort = FALSE;
  2836. QmBoolValue.bProtocol = FALSE;
  2837. QmBoolValue.bActionInbound = FALSE;
  2838. QmBoolValue.bActionOutbound = FALSE;
  2840. //
  2841. // Bail out as user has not given sufficient arguments.
  2842. //
  2843. if(dwArgCount <= 3)
  2844. {
  2845. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  2846. BAIL_OUT;
  2847. }
  2849. SrcAddr.uIpAddr = 0xFFFFFFFF;
  2850. DesAddr.uIpAddr = 0xFFFFFFFF;
  2851. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  2852. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  2853. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  2854. DesAddr.AddrType = IP_ADDR_UNIQUE;
  2856. parser.ValidTok = vtokDynamicShowQMFilter;
  2857. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowQMFilter);
  2859. parser.ValidCmd = vcmdDynamicShowQMFilter;
  2860. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowQMFilter);
  2862. //
  2863. // Get the user input after parsing the data
  2864. //
  2865. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  2866. if(dwReturn != ERROR_SUCCESS)
  2867. {
  2868. if(dwReturn == RETURN_NO_ERROR)
  2869. {
  2870. dwReturn = ERROR_NO_DISPLAY;
  2871. BAIL_OUT;
  2872. }
  2873. else
  2874. {
  2875. dwReturn = ERROR_SHOW_USAGE;
  2876. BAIL_OUT;
  2877. }
  2878. }
  2879. //
  2880. // Check for user given tokens from the parser and copy into local variables
  2881. //
  2882. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  2883. {
  2884. switch(vtokDynamicShowQMFilter[parser.Cmd[dwCount].dwCmdToken].dwValue)
  2885. {
  2886. case CMD_TOKEN_NAME :
  2887. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2888. {
  2889. if((LPTSTR)parser.Cmd[dwCount].pArg != NULL)
  2890. {
  2891. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  2892. pszFilterName = new _TCHAR[dwNameLen];
  2893. if(pszFilterName == NULL)
  2894. {
  2895. dwReturn = ERROR_OUTOFMEMORY;
  2896. BAIL_OUT;
  2897. }
  2898. _tcsncpy(pszFilterName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  2899. }
  2900. }
  2901. break;
  2902. case CMD_TOKEN_ALL :
  2903. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2904. {
  2905. bAll = *(BOOL *)parser.Cmd[dwCount].pArg;
  2906. }
  2907. break;
  2908. case CMD_TOKEN_TYPE :
  2909. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2910. {
  2911. dwType = *(DWORD *)parser.Cmd[dwCount].pArg;
  2912. if(dwType == FILTER_GENERIC)
  2913. {
  2914. bType = TRUE;
  2915. }
  2916. else if(dwType == FILTER_SPECIFIC)
  2917. {
  2918. bType = FALSE;
  2919. }
  2920. }
  2921. break;
  2922. case CMD_TOKEN_SRCADDR :
  2923. if (parser.Cmd[dwCount].dwStatus)
  2924. {
  2925. //
  2926. // special servers id is available in dwStatus
  2927. //
  2928. switch(parser.Cmd[dwCount].dwStatus)
  2929. {
  2930. case SERVER_WINS:
  2931. SrcAddr.AddrType = IP_ADDR_WINS_SERVER;
  2932. break;
  2933. case SERVER_DHCP:
  2934. SrcAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2935. break;
  2936. case SERVER_DNS:
  2937. SrcAddr.AddrType = IP_ADDR_DNS_SERVER;
  2938. break;
  2939. case SERVER_GATEWAY:
  2940. SrcAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2941. break;
  2942. case IP_ME:
  2943. case IP_ANY:
  2944. AddSplAddr(SrcAddr, parser.Cmd[dwCount].dwStatus);
  2945. bSrcMask = TRUE;
  2946. break;
  2947. case NOT_SPLSERVER:
  2948. //
  2949. // if it is not special server get the user given IP address
  2950. //
  2951. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2952. break;
  2953. default:
  2954. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  2955. dwReturn = ERROR_NO_DISPLAY;
  2956. BAIL_OUT;
  2957. break;
  2958. }
  2959. }
  2960. break;
  2961. case CMD_TOKEN_SRCMASK :
  2962. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  2963. {
  2964. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2965. bSrcMask = TRUE;
  2966. }
  2967. break;
  2968. case CMD_TOKEN_DSTADDR :
  2969. if (parser.Cmd[dwCount].dwStatus)
  2970. {
  2971. //
  2972. // special servers id is available in dwStatus
  2973. //
  2974. switch(parser.Cmd[dwCount].dwStatus)
  2975. {
  2976. case SERVER_WINS:
  2977. DesAddr.AddrType = IP_ADDR_WINS_SERVER;
  2978. break;
  2979. case SERVER_DHCP:
  2980. DesAddr.AddrType = IP_ADDR_DHCP_SERVER;
  2981. break;
  2982. case SERVER_DNS:
  2983. DesAddr.AddrType = IP_ADDR_DNS_SERVER;
  2984. break;
  2985. case SERVER_GATEWAY:
  2986. DesAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  2987. break;
  2988. case IP_ME:
  2989. case IP_ANY:
  2990. AddSplAddr(DesAddr, parser.Cmd[dwCount].dwStatus);
  2991. bDstMask = TRUE;
  2992. break;
  2993. case NOT_SPLSERVER:
  2994. //
  2995. // if it is not special server get the user given IP address
  2996. //
  2997. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  2998. break;
  2999. default:
  3000. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  3001. dwReturn = ERROR_NO_DISPLAY;
  3002. BAIL_OUT;
  3003. break;
  3004. }
  3005. }
  3006. break;
  3007. case CMD_TOKEN_DSTMASK :
  3008. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3009. {
  3010. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  3011. bDstMask = TRUE;
  3012. }
  3013. break;
  3014. case CMD_TOKEN_RESDNS :
  3015. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3016. {
  3017. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  3018. }
  3019. break;
  3020. case CMD_TOKEN_INBOUND :
  3021. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3022. {
  3023. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  3024. {
  3025. QmBoolValue.dwActionInbound = PASS_THRU;
  3026. }
  3027. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  3028. {
  3029. QmBoolValue.dwActionInbound = BLOCKING;
  3030. }
  3031. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  3032. {
  3033. QmBoolValue.dwActionInbound = NEGOTIATE_SECURITY;
  3034. }
  3035. QmBoolValue.bActionOutbound = TRUE;
  3036. }
  3037. break;
  3038. case CMD_TOKEN_OUTBOUND :
  3039. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3040. {
  3041. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  3042. {
  3043. QmBoolValue.dwActionOutbound = PASS_THRU;
  3044. }
  3045. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  3046. {
  3047. QmBoolValue.dwActionOutbound = BLOCKING;
  3048. }
  3049. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  3050. {
  3051. QmBoolValue.dwActionOutbound = NEGOTIATE_SECURITY;
  3052. }
  3053. QmBoolValue.bActionInbound = TRUE;
  3054. }
  3055. break;
  3056. case CMD_TOKEN_SRCPORT :
  3057. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3058. {
  3059. QmBoolValue.dwSrcPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  3060. QmBoolValue.bSrcPort = TRUE;
  3061. }
  3062. break;
  3063. case CMD_TOKEN_DSTPORT :
  3064. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3065. {
  3066. QmBoolValue.dwDstPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  3067. QmBoolValue.bDstPort = TRUE;
  3068. }
  3069. break;
  3070. case CMD_TOKEN_PROTO :
  3071. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3072. {
  3073. QmBoolValue.dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  3074. QmBoolValue.bProtocol = TRUE;
  3075. }
  3076. break;
  3077. default:
  3078. break;
  3079. }
  3080. }
  3082. //
  3083. // if pszFilterName is null then all the qmfilters will be displayed
  3084. //
  3085. dwReturn = ShowQMFilters(pszFilterName, bType, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QmBoolValue);
  3087. error:
  3088. if(dwArgCount > 3)
  3089. {
  3090. CleanUp();
  3091. }
  3092. if(pszFilterName)
  3093. {
  3094. delete [] pszFilterName;
  3095. }
  3096. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  3097. {
  3098. //api errors
  3099. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3100. dwReturn = ERROR_SUCCESS;
  3101. }
  3102. //already one error displayed.
  3103. if(dwReturn == ERROR_NO_DISPLAY)
  3104. {
  3105. dwReturn = ERROR_SUCCESS;
  3106. }
  3108. return dwReturn;
  3109. }
  3111. ///////////////////////////////////////////////////////////////////////////////////////////
  3112. //
  3113. // Function : HandleDynamicShowRule
  3114. //
  3115. // Date of Creation: 9-23-2001
  3116. //
  3117. // Parameters :
  3118. // IN LPCWSTR pwszMachine,
  3119. // IN OUT LPWSTR *ppwcArguments,
  3120. // IN DWORD dwCurrentIndex,
  3121. // IN DWORD dwArgCount,
  3122. // IN DWORD dwFlags,
  3123. // IN LPCVOID pvData,
  3124. // OUT BOOL *pbDone
  3125. // Return : DWORD
  3126. //
  3127. // Description : Netshell Dynamic handle for quick mode filter.
  3128. //
  3129. // Revision History:
  3130. //
  3131. // Date Author Comments
  3132. //
  3133. //////////////////////////////////////////////////////////////////////////////////////////
  3135. DWORD WINAPI
  3136. HandleDynamicShowRule(
  3137. IN LPCWSTR pwszMachine,
  3138. IN OUT LPWSTR *ppwcArguments,
  3139. IN DWORD dwCurrentIndex,
  3140. IN DWORD dwArgCount,
  3141. IN DWORD dwFlags,
  3142. IN LPCVOID pvData,
  3143. OUT BOOL *pbDone
  3144. )
  3145. {
  3146. DWORD dwReturn = ERROR_SHOW_USAGE;
  3147. DWORD dwCount = 0;
  3148. DWORD dwType = 0; // Default initialization to show both Transport and tunnel
  3150. BOOL bResolveDNS = FALSE;
  3151. ADDR DesAddr, SrcAddr;
  3152. BOOL bSrcMask = FALSE;
  3153. BOOL bDstMask = FALSE;
  3154. QM_FILTER_VALUE_BOOL QmBoolValue;
  3156. NshHashTable addressHash;
  3158. const TAG_TYPE vcmdDynamicShowRule[] =
  3159. {
  3160. { CMD_TOKEN_STR_TYPE, NS_REQ_ZERO, FALSE },
  3161. { CMD_TOKEN_STR_SRCADDR, NS_REQ_ZERO, FALSE },
  3162. { CMD_TOKEN_STR_DSTADDR, NS_REQ_ZERO, FALSE },
  3163. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  3164. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  3165. { CMD_TOKEN_STR_PROTO, NS_REQ_ZERO, FALSE },
  3166. { CMD_TOKEN_STR_SRCPORT, NS_REQ_ZERO, FALSE },
  3167. { CMD_TOKEN_STR_DSTPORT, NS_REQ_ZERO, FALSE },
  3168. { CMD_TOKEN_STR_INBOUND, NS_REQ_ZERO, FALSE },
  3169. { CMD_TOKEN_STR_OUTBOUND, NS_REQ_ZERO, FALSE },
  3170. { CMD_TOKEN_STR_RESDNS, NS_REQ_ZERO, FALSE }
  3171. };
  3173. const TOKEN_VALUE vtokDynamicShowRule[] =
  3174. {
  3175. { CMD_TOKEN_STR_TYPE, CMD_TOKEN_TYPE },
  3176. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  3177. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  3178. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  3179. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  3180. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  3181. { CMD_TOKEN_STR_SRCPORT, CMD_TOKEN_SRCPORT },
  3182. { CMD_TOKEN_STR_DSTPORT, CMD_TOKEN_DSTPORT },
  3183. { CMD_TOKEN_STR_INBOUND, CMD_TOKEN_INBOUND },
  3184. { CMD_TOKEN_STR_OUTBOUND, CMD_TOKEN_OUTBOUND },
  3185. { CMD_TOKEN_STR_RESDNS, CMD_TOKEN_RESDNS }
  3186. };
  3188. PARSER_PKT parser;
  3189. ZeroMemory(&parser, sizeof(parser));
  3191. QmBoolValue.bSrcPort = FALSE;
  3192. QmBoolValue.bDstPort = FALSE;
  3193. QmBoolValue.bProtocol = FALSE;
  3194. QmBoolValue.bActionInbound = FALSE;
  3195. QmBoolValue.bActionOutbound = FALSE;
  3197. SrcAddr.uIpAddr = 0xFFFFFFFF;
  3198. DesAddr.uIpAddr = 0xFFFFFFFF;
  3199. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  3200. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  3201. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  3202. DesAddr.AddrType = IP_ADDR_UNIQUE;
  3204. //
  3205. // if no arguments are given show all the rules
  3206. //
  3207. if(dwArgCount == 3)
  3208. {
  3209. dwReturn = ShowRule(dwType, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QmBoolValue);
  3210. BAIL_OUT;
  3211. }
  3213. //
  3214. // Bail out as user has not given sufficient arguments.
  3215. //
  3216. else if(dwArgCount < 3)
  3217. {
  3218. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  3219. BAIL_OUT;
  3220. }
  3222. parser.ValidTok = vtokDynamicShowRule;
  3223. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicShowRule);
  3225. parser.ValidCmd = vcmdDynamicShowRule;
  3226. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicShowRule);
  3228. //
  3229. // Get the user input after parsing the data
  3230. //
  3231. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  3233. if(dwReturn != ERROR_SUCCESS)
  3234. {
  3235. if(dwReturn == RETURN_NO_ERROR)
  3236. {
  3237. dwReturn = ERROR_NO_DISPLAY;
  3238. BAIL_OUT;
  3239. }
  3240. else
  3241. {
  3242. dwReturn = ERROR_SHOW_USAGE;
  3243. BAIL_OUT;
  3244. }
  3245. }
  3247. //
  3248. // Check for user given tokens from the parser and copy into local variables
  3249. //
  3250. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  3251. {
  3252. switch(vtokDynamicShowRule[parser.Cmd[dwCount].dwCmdToken].dwValue)
  3253. {
  3254. case CMD_TOKEN_TYPE :
  3255. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3256. {
  3257. dwType = *(DWORD *)parser.Cmd[dwCount].pArg;
  3258. }
  3259. break;
  3260. case CMD_TOKEN_SRCADDR :
  3261. if (parser.Cmd[dwCount].dwStatus)
  3262. {
  3263. //
  3264. // special servers id is available in dwStatus
  3265. //
  3266. switch(parser.Cmd[dwCount].dwStatus)
  3267. {
  3268. case SERVER_WINS:
  3269. SrcAddr.AddrType = IP_ADDR_WINS_SERVER;
  3270. break;
  3271. case SERVER_DHCP:
  3272. SrcAddr.AddrType = IP_ADDR_DHCP_SERVER;
  3273. break;
  3274. case SERVER_DNS:
  3275. SrcAddr.AddrType = IP_ADDR_DNS_SERVER;
  3276. break;
  3277. case SERVER_GATEWAY:
  3278. SrcAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  3279. break;
  3280. case IP_ME:
  3281. case IP_ANY:
  3282. AddSplAddr(SrcAddr, parser.Cmd[dwCount].dwStatus);
  3283. bSrcMask = TRUE;
  3284. break;
  3285. case NOT_SPLSERVER:
  3286. //
  3287. // if it is not special server get the user given IP address
  3288. //
  3289. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  3290. break;
  3291. default:
  3292. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  3293. dwReturn = ERROR_NO_DISPLAY;
  3294. BAIL_OUT;
  3295. break;
  3296. }
  3297. }
  3298. break;
  3299. case CMD_TOKEN_SRCMASK :
  3300. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3301. {
  3302. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  3303. bSrcMask = TRUE;
  3304. }
  3305. break;
  3306. case CMD_TOKEN_DSTADDR :
  3307. if (parser.Cmd[dwCount].dwStatus)
  3308. {
  3309. //
  3310. // special servers id is available in dwStatus
  3311. //
  3312. switch(parser.Cmd[dwCount].dwStatus)
  3313. {
  3314. case SERVER_WINS:
  3315. DesAddr.AddrType = IP_ADDR_WINS_SERVER;
  3316. break;
  3317. case SERVER_DHCP:
  3318. DesAddr.AddrType = IP_ADDR_DHCP_SERVER;
  3319. break;
  3320. case SERVER_DNS:
  3321. DesAddr.AddrType = IP_ADDR_DNS_SERVER;
  3322. break;
  3323. case SERVER_GATEWAY:
  3324. DesAddr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  3325. break;
  3326. case IP_ME:
  3327. case IP_ANY:
  3328. AddSplAddr(DesAddr, parser.Cmd[dwCount].dwStatus);
  3329. bDstMask = TRUE;
  3330. break;
  3331. case NOT_SPLSERVER:
  3332. //
  3333. // if it is not special server get the user given IP address
  3334. //
  3335. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  3336. break;
  3337. default:
  3338. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  3339. dwReturn = ERROR_NO_DISPLAY;
  3340. BAIL_OUT;
  3341. break;
  3342. }
  3343. }
  3344. break;
  3345. case CMD_TOKEN_DSTMASK :
  3346. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3347. {
  3348. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  3349. bDstMask = TRUE;
  3350. }
  3351. break;
  3352. case CMD_TOKEN_RESDNS :
  3353. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3354. {
  3355. bResolveDNS = *(BOOL *)parser.Cmd[dwCount].pArg;
  3356. }
  3357. break;
  3358. case CMD_TOKEN_INBOUND :
  3359. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3360. {
  3361. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  3362. {
  3363. QmBoolValue.dwActionInbound = PASS_THRU;
  3364. }
  3365. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  3366. {
  3367. QmBoolValue.dwActionInbound = BLOCKING;
  3368. }
  3369. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  3370. {
  3371. QmBoolValue.dwActionInbound = NEGOTIATE_SECURITY;
  3372. }
  3373. QmBoolValue.bActionOutbound = TRUE;
  3374. }
  3375. break;
  3376. case CMD_TOKEN_OUTBOUND :
  3377. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3378. {
  3379. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  3380. {
  3381. QmBoolValue.dwActionOutbound = PASS_THRU;
  3382. }
  3383. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  3384. {
  3385. QmBoolValue.dwActionOutbound = BLOCKING;
  3386. }
  3387. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  3388. {
  3389. QmBoolValue.dwActionOutbound = NEGOTIATE_SECURITY;
  3390. }
  3391. QmBoolValue.bActionInbound = TRUE;
  3392. }
  3393. break;
  3394. case CMD_TOKEN_SRCPORT :
  3395. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3396. {
  3397. QmBoolValue.dwSrcPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  3398. QmBoolValue.bSrcPort = TRUE;
  3399. }
  3400. break;
  3401. case CMD_TOKEN_DSTPORT :
  3402. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3403. {
  3404. QmBoolValue.dwDstPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  3405. QmBoolValue.bDstPort = TRUE;
  3406. }
  3407. break;
  3408. case CMD_TOKEN_PROTO :
  3409. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3410. {
  3411. QmBoolValue.dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  3412. QmBoolValue.bProtocol = TRUE;
  3413. }
  3414. break;
  3415. default:
  3416. break;
  3417. }
  3418. }
  3420. dwReturn = ShowRule(dwType, SrcAddr, DesAddr, addressHash, bResolveDNS, bSrcMask, bDstMask, QmBoolValue);
  3422. error:
  3423. if(dwArgCount > 3)
  3424. {
  3425. CleanUp();
  3426. }
  3428. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  3429. {
  3430. //api errors
  3431. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3432. dwReturn = ERROR_SUCCESS;
  3433. }
  3435. //already one error displayed.
  3436. if(dwReturn == ERROR_NO_DISPLAY)
  3437. {
  3438. dwReturn = ERROR_SUCCESS;
  3439. }
  3441. return dwReturn;
  3442. }
  3444. ///////////////////////////////////////////////////////////////////////////////////////////
  3445. //
  3446. // Function : HandleDynamicDeleteQMPolicy
  3447. //
  3448. // Date of Creation: 9-23-2001
  3449. //
  3450. // Parameters :
  3451. // IN LPCWSTR pwszMachine,
  3452. // IN OUT LPWSTR *ppwcArguments,
  3453. // IN DWORD dwCurrentIndex,
  3454. // IN DWORD dwArgCount,
  3455. // IN DWORD dwFlags,
  3456. // IN LPCVOID pvData,
  3457. // OUT BOOL *pbDone
  3458. // Return : DWORD
  3459. //
  3460. // Description : Netshell Dynamic handle for quick mode policy.
  3461. //
  3462. // Revision History:
  3463. //
  3464. // Date Author Comments
  3465. //
  3466. //////////////////////////////////////////////////////////////////////////////////////////
  3468. DWORD WINAPI
  3469. HandleDynamicDeleteQMPolicy(
  3470. IN LPCWSTR pwszMachine,
  3471. IN OUT LPWSTR *ppwcArguments,
  3472. IN DWORD dwCurrentIndex,
  3473. IN DWORD dwArgCount,
  3474. IN DWORD dwFlags,
  3475. IN LPCVOID pvData,
  3476. OUT BOOL *pbDone
  3477. )
  3478. {
  3479. DWORD dwReturn = ERROR_SHOW_USAGE;
  3480. DWORD dwNameLen = 0;
  3481. DWORD dwCount = 0;
  3482. LPTSTR pPolicyName = NULL;
  3483. const TAG_TYPE vcmdDynamicDeleteQMPolicy[] =
  3484. {
  3485. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  3486. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE }
  3487. };
  3489. const TOKEN_VALUE vtokDynamicDeleteQMPolicy[] =
  3490. {
  3491. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  3492. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL }
  3493. };
  3495. PARSER_PKT parser;
  3496. ZeroMemory(&parser, sizeof(parser));
  3498. //
  3499. // Bail out as user has not given sufficient arguments.
  3500. //
  3501. if(dwArgCount <= 3)
  3502. {
  3503. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  3504. BAIL_OUT;
  3505. }
  3506. parser.ValidTok = vtokDynamicDeleteQMPolicy;
  3507. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicDeleteQMPolicy);
  3509. parser.ValidCmd = vcmdDynamicDeleteQMPolicy;
  3510. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicDeleteQMPolicy);
  3512. //
  3513. // Get the user input after parsing the data
  3514. //
  3515. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  3516. if(dwReturn != ERROR_SUCCESS)
  3517. {
  3518. if(dwReturn == RETURN_NO_ERROR)
  3519. {
  3520. dwReturn = ERROR_NO_DISPLAY;
  3521. BAIL_OUT;
  3522. }
  3523. else
  3524. {
  3525. dwReturn = ERROR_SHOW_USAGE;
  3526. BAIL_OUT;
  3527. }
  3528. }
  3530. //
  3531. // Check for user given tokens from the parser and copy into local variables
  3532. //
  3533. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  3534. {
  3535. switch(vtokDynamicDeleteQMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  3536. {
  3537. case CMD_TOKEN_NAME :
  3538. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3539. {
  3540. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  3541. pPolicyName = new _TCHAR[dwNameLen];
  3542. if(pPolicyName == NULL)
  3543. {
  3544. dwReturn = ERROR_OUTOFMEMORY;
  3545. BAIL_OUT;
  3546. }
  3547. _tcsncpy(pPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  3548. }
  3549. break;
  3550. case CMD_TOKEN_ALL : // if pPolicyName is NULL, deletes all
  3551. break;
  3552. default :
  3553. break;
  3554. }
  3555. }
  3556. dwReturn = DeleteQMPolicy(pPolicyName);
  3557. if(dwReturn == ERROR_NO_DISPLAY)
  3558. {
  3559. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DEL_NO_QMPOLICY);
  3560. }
  3562. error:
  3563. if(dwArgCount > 3)
  3564. {
  3565. CleanUp();
  3566. }
  3567. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  3568. {
  3569. //api errors
  3570. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3571. dwReturn = ERROR_SUCCESS;
  3572. }
  3573. //already one error displayed.
  3574. if(dwReturn == ERROR_NO_DISPLAY)
  3575. {
  3576. dwReturn = ERROR_SUCCESS;
  3577. }
  3578. return dwReturn;
  3579. }
  3580. ///////////////////////////////////////////////////////////////////////////////////////////
  3581. //
  3582. // Function : HandleDynamicDeleteMMPolicy
  3583. //
  3584. // Date of Creation: 9-23-2001
  3585. //
  3586. // Parameters:
  3587. // IN LPCWSTR pwszMachine,
  3588. // IN OUT LPWSTR *ppwcArguments,
  3589. // IN DWORD dwCurrentIndex,
  3590. // IN DWORD dwArgCount,
  3591. // IN DWORD dwFlags,
  3592. // IN LPCVOID pvData,
  3593. // OUT BOOL *pbDone
  3594. // Return : DWORD
  3595. //
  3596. // Description : Netshell Dynamic handle for delete main mode policy
  3597. //
  3598. // Revision History:
  3599. //
  3600. // Date Author Comments
  3601. //
  3602. //////////////////////////////////////////////////////////////////////////////////////////
  3604. DWORD WINAPI
  3605. HandleDynamicDeleteMMPolicy(
  3606. IN LPCWSTR pwszMachine,
  3607. IN OUT LPWSTR *ppwcArguments,
  3608. IN DWORD dwCurrentIndex,
  3609. IN DWORD dwArgCount,
  3610. IN DWORD dwFlags,
  3611. IN LPCVOID pvData,
  3612. OUT BOOL *pbDone
  3613. )
  3614. {
  3615. DWORD dwReturn = ERROR_SHOW_USAGE;
  3616. DWORD dwNameLen = 0;
  3617. DWORD dwCount = 0;
  3618. LPTSTR pPolicyName = NULL;
  3619. const TAG_TYPE vcmdDynamicDeleteMMPolicy[] =
  3620. {
  3621. { CMD_TOKEN_STR_NAME, NS_REQ_ZERO, FALSE },
  3622. { CMD_TOKEN_STR_ALL, NS_REQ_ZERO, FALSE }
  3623. };
  3625. const TOKEN_VALUE vtokDynamicDeleteMMPolicy[] =
  3626. {
  3627. { CMD_TOKEN_STR_NAME, CMD_TOKEN_NAME },
  3628. { CMD_TOKEN_STR_ALL, CMD_TOKEN_ALL }
  3629. };
  3631. PARSER_PKT parser;
  3632. ZeroMemory(&parser, sizeof(parser));
  3634. //
  3635. // Bail out as user has not given sufficient arguments.
  3636. //
  3637. if(dwArgCount <= 3)
  3638. {
  3639. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  3640. BAIL_OUT;
  3641. }
  3642. parser.ValidTok = vtokDynamicDeleteMMPolicy;
  3643. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicDeleteMMPolicy);
  3645. parser.ValidCmd = vcmdDynamicDeleteMMPolicy;
  3646. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicDeleteMMPolicy);
  3648. //
  3649. // Get the user input after parsing the data
  3650. //
  3651. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  3652. if(dwReturn != ERROR_SUCCESS)
  3653. {
  3654. if(dwReturn == RETURN_NO_ERROR)
  3655. {
  3656. //
  3657. // This is to avoid multiple error messages display
  3658. //
  3659. dwReturn = ERROR_NO_DISPLAY;
  3660. BAIL_OUT;
  3661. }
  3662. else
  3663. {
  3664. dwReturn = ERROR_SHOW_USAGE;
  3665. BAIL_OUT;
  3666. }
  3667. }
  3668. //
  3669. // Check for user given tokens from the parser and copy into local variables
  3670. //
  3671. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  3672. {
  3673. switch(vtokDynamicDeleteMMPolicy[parser.Cmd[dwCount].dwCmdToken].dwValue)
  3674. {
  3675. case CMD_TOKEN_NAME :
  3676. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  3677. {
  3678. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  3679. pPolicyName = new _TCHAR[dwNameLen];
  3680. if(pPolicyName == NULL)
  3681. {
  3682. dwReturn = ERROR_OUTOFMEMORY;
  3683. BAIL_OUT;
  3684. }
  3685. _tcsncpy(pPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  3686. }
  3687. break;
  3688. case CMD_TOKEN_ALL : // if pPolicyName is NULL, deletes all
  3689. break;
  3690. default :
  3691. break;
  3692. }
  3693. }
  3695. dwReturn = DeleteMMPolicy(pPolicyName);
  3696. if(dwReturn == ERROR_NO_DISPLAY)
  3697. {
  3698. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DEL_NO_MMPOLICY);
  3699. }
  3701. error:
  3702. if(dwArgCount > 3)
  3703. {
  3704. CleanUp();
  3705. }
  3706. if(pPolicyName)
  3707. {
  3708. delete [] pPolicyName;
  3709. }
  3710. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  3711. {
  3712. //api errors
  3713. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3714. dwReturn = ERROR_SUCCESS;
  3715. }
  3716. //already one error displayed.
  3717. if(dwReturn == ERROR_NO_DISPLAY)
  3718. {
  3719. dwReturn = ERROR_SUCCESS;
  3720. }
  3721. return dwReturn;
  3722. }
  3725. ///////////////////////////////////////////////////////////////////////////////////////////
  3726. //
  3727. // Function : HandleDynamicDeleteAll
  3728. //
  3729. // Date of Creation: 9-23-2001
  3730. //
  3731. // Parameters :
  3732. // IN LPCWSTR pwszMachine,
  3733. // IN OUT LPWSTR *ppwcArguments,
  3734. // IN DWORD dwCurrentIndex,
  3735. // IN DWORD dwArgCount,
  3736. // IN DWORD dwFlags,
  3737. // IN LPCVOID pvData,
  3738. // OUT BOOL *pbDone
  3739. // Return : DWORD
  3740. //
  3741. // Description : Netshell Dynamic handle for delete all.
  3742. //
  3743. // Revision History:
  3744. //
  3745. // Date Author Comments
  3746. //
  3747. //////////////////////////////////////////////////////////////////////////////////////////
  3749. DWORD WINAPI
  3750. HandleDynamicDeleteAll(
  3751. IN LPCWSTR pwszMachine,
  3752. IN OUT LPWSTR *ppwcArguments,
  3753. IN DWORD dwCurrentIndex,
  3754. IN DWORD dwArgCount,
  3755. IN DWORD dwFlags,
  3756. IN LPCVOID pvData,
  3757. OUT BOOL *pbDone
  3758. )
  3759. {
  3760. DWORD dwReturn = ERROR_SHOW_USAGE;
  3762. //to take care no errors at test tool
  3763. UpdateGetLastError(NULL);
  3765. dwReturn = DeleteTunnelFilters();
  3766. if(dwReturn != ERROR_SUCCESS)
  3767. {
  3768. //api errors
  3769. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3770. dwReturn = ERROR_SUCCESS;
  3771. }
  3773. dwReturn = DeleteTransportFilters();
  3774. if(dwReturn != ERROR_SUCCESS)
  3775. {
  3776. //api errors
  3777. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3778. dwReturn = ERROR_SUCCESS;
  3779. }
  3781. dwReturn = DeleteQMPolicy(NULL);
  3782. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_NO_DISPLAY))
  3783. {
  3784. //api errors
  3785. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3786. dwReturn = ERROR_SUCCESS;
  3787. }
  3789. dwReturn = DeleteMMFilters();
  3790. if(dwReturn != ERROR_SUCCESS)
  3791. {
  3792. //api errors
  3793. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3794. dwReturn = ERROR_SUCCESS;
  3795. }
  3797. dwReturn = DeleteMMPolicy(NULL);
  3798. if((dwReturn != ERROR_SUCCESS)&& (dwReturn != ERROR_NO_DISPLAY))
  3799. {
  3800. //api errors
  3801. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3802. dwReturn = ERROR_SUCCESS;
  3803. }
  3805. dwReturn = DeleteAuthMethods();
  3806. if(dwReturn != ERROR_SUCCESS)
  3807. {
  3808. //api errors
  3809. if(dwReturn == WIN32_AUTH_BEING_USED) //Win32 Error [13012] message is same as 13002.
  3810. { //So, it is converted to meaningful IPSec error code
  3811. PrintErrorMessage(IPSEC_ERR, dwReturn, ERRCODE_DELETE_AUTH_BEING_USED);
  3812. }
  3813. else
  3814. {
  3815. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  3816. }
  3817. dwReturn = ERROR_SUCCESS;
  3818. }
  3819. return dwReturn;
  3821. }
  3823. //////////////////////////////////////////////////////////////////////////////////////////
  3824. //
  3825. // WriteRegKey
  3826. //
  3827. //////////////////////////////////////////////////////////////////////////////////////////
  3829. DWORD
  3830. WriteRegKey(
  3831. LPTSTR lpValueName,
  3832. BYTE* data,
  3833. size_t uiDataSize,
  3834. DWORD dwDataType
  3835. )
  3836. {
  3837. DWORD dwReturn = 0;
  3838. HKEY hRegistryKey;
  3839. DWORD dwDisposition = 0;
  3841. dwReturn = RegCreateKeyEx(
  3842. g_hGlobalRegistryKey,
  3843. REGKEY_GLOBAL,
  3844. 0,
  3845. NULL,
  3846. 0,
  3847. KEY_ALL_ACCESS,
  3848. NULL,
  3849. &hRegistryKey,
  3850. &dwDisposition
  3851. );
  3852. if(dwReturn != ERROR_SUCCESS)
  3853. {
  3854. BAIL_OUT;
  3855. }
  3857. dwReturn = RegSetValueEx(
  3858. hRegistryKey,
  3859. lpValueName,
  3860. 0,
  3861. dwDataType,
  3862. data,
  3863. uiDataSize
  3864. );
  3865. if(dwReturn != ERROR_SUCCESS)
  3866. {
  3867. BAIL_OUT;
  3868. }
  3870. error:
  3871. if(hRegistryKey)
  3872. {
  3873. RegCloseKey(hRegistryKey);
  3874. }
  3876. return dwReturn;
  3877. }
  3879. DWORD
  3880. WriteRegKey(
  3881. LPTSTR lpValueName,
  3882. DWORD dwData
  3883. )
  3884. {
  3885. return WriteRegKey(lpValueName, (BYTE*)&dwData, sizeof(DWORD), REG_DWORD);
  3886. }
  3888. DWORD
  3889. ParseProtocol(
  3890. LPTSTR lpData,
  3891. BYTE* pProtocol
  3892. )
  3893. {
  3894. DWORD dwReturn = ERROR_SUCCESS;
  3895. BYTE value = 0;
  3897. // get protocol
  3898. if (_tcsicmp(lpData, IF_TYPE_UDP) == 0)
  3899. {
  3900. value = PROT_ID_UDP;
  3901. }
  3902. else if (_tcsicmp(lpData, IF_TYPE_TCP) == 0)
  3903. {
  3904. value = PROT_ID_TCP;
  3905. }
  3906. else if (_tcsicmp(lpData, IF_TYPE_ICMP) == 0)
  3907. {
  3908. value = PROT_ID_ICMP;
  3909. }
  3910. else if (_tcsicmp(lpData, IF_TYPE_RAW) == 0)
  3911. {
  3912. value = PROT_ID_RAW;
  3913. }
  3914. else // try to parse it as an integer
  3915. {
  3916. DWORD dwValue = 0;
  3917. dwReturn = ConvertStringToDword(lpData, &dwValue);
  3918. if ((dwReturn != ERROR_SUCCESS) || (dwValue < 1) || (dwValue > 255))
  3919. {
  3920. dwReturn = ERRCODE_INVALID_ARGS;
  3921. BAIL_OUT;
  3922. }
  3923. value = (BYTE)dwValue;
  3924. }
  3925. *pProtocol = value;
  3927. error:
  3928. return dwReturn;
  3929. }
  3931. DWORD
  3932. ParsePort(
  3933. LPTSTR lpData,
  3934. USHORT* pPort
  3935. )
  3936. {
  3937. DWORD dwReturn = ERROR_SUCCESS;
  3938. DWORD dwValue = 0;
  3939. dwReturn = ConvertStringToDword(lpData, &dwValue);
  3940. if ((dwReturn != ERROR_SUCCESS) || (dwValue > 65535))
  3941. {
  3942. dwReturn = ERRCODE_INVALID_ARGS;
  3943. BAIL_OUT;
  3944. }
  3945. *pPort = (USHORT)dwValue;
  3947. error:
  3948. return dwReturn;
  3949. }
  3951. DWORD
  3952. ParseDirection(
  3953. LPTSTR lpData,
  3954. BYTE* pDirection
  3955. )
  3956. {
  3957. DWORD dwReturn = ERROR_SUCCESS;
  3958. BYTE value = 0;
  3960. // get direction
  3961. if (_tcsicmp(lpData, TOKEN_STR_INBOUND) == 0)
  3962. {
  3963. value = EXEMPT_DIRECTION_INBOUND;
  3964. }
  3965. else if (_tcsicmp(lpData, TOKEN_STR_OUTBOUND) == 0)
  3966. {
  3967. value = EXEMPT_DIRECTION_OUTBOUND;
  3968. }
  3969. else
  3970. {
  3971. dwReturn = ERRCODE_INVALID_ARGS;
  3972. BAIL_OUT;
  3973. }
  3974. *pDirection = value;
  3976. error:
  3977. return dwReturn;
  3978. }
  3980. DWORD
  3981. ParseBootExemptions(
  3982. IN LPTSTR lpData
  3983. )
  3984. {
  3985. DWORD dwReturn = ERROR_SUCCESS;
  3987. // allocate 1024 tuples
  3988. PIPSEC_EXEMPT_ENTRY aEntries = new IPSEC_EXEMPT_ENTRY[MAX_EXEMPTION_ENTRIES];
  3989. ZeroMemory(aEntries, sizeof(*aEntries));
  3991. size_t uiNumExemptions = 0;
  3993. // check for keyword 'none', skip loop in this case
  3994. if (_tcsicmp(lpData, TOKEN_STR_NONE) != 0)
  3995. {
  3996. LPTSTR lpDelimiter = TOKEN_FIELD_DELIMITER;
  3997. LPTSTR lpCurrentToken = _tcstok(lpData, lpDelimiter);
  3998. size_t i = 0;
  3999. size_t state = 0;
  4001. // while not at end of string...
  4002. while ((lpCurrentToken != NULL) && (i < MAX_EXEMPTION_ENTRIES))
  4003. {
  4004. switch (state)
  4005. {
  4006. case 0:
  4007. // set the constant values (type and size)
  4008. aEntries[i].Type = EXEMPT_ENTRY_TYPE_DEFAULT;
  4009. aEntries[i].Size = EXEMPT_ENTRY_SIZE_DEFAULT;
  4010. dwReturn = ParseProtocol(lpCurrentToken, &(aEntries[i].Protocol));
  4011. if (dwReturn != ERROR_SUCCESS)
  4012. {
  4013. BAIL_OUT;
  4014. }
  4015. if ((aEntries[i].Protocol != PROT_ID_TCP) && (aEntries[i].Protocol != PROT_ID_UDP))
  4016. {
  4017. // unless TCP or UDP are specified, we don't support
  4018. // srcport or destport, fill them in with 0
  4019. aEntries[i].SrcPort = 0;
  4020. aEntries[i].DestPort = 0;
  4021. state += 2;
  4022. }
  4023. break;
  4024. case 1:
  4025. dwReturn = ParsePort(lpCurrentToken, &(aEntries[i].SrcPort));
  4026. break;
  4027. case 2:
  4028. dwReturn = ParsePort(lpCurrentToken, &(aEntries[i].DestPort));
  4029. break;
  4030. case 3:
  4031. dwReturn = ParseDirection(lpCurrentToken, &(aEntries[i].Direction));
  4032. if (dwReturn == ERROR_SUCCESS)
  4033. {
  4034. if (((aEntries[i].Protocol != PROT_ID_TCP) && (aEntries[i].Protocol != PROT_ID_UDP))
  4035. && ((aEntries[i].SrcPort != 0) || (aEntries[i].DestPort != 0)))
  4036. {
  4037. dwReturn = ERRCODE_INVALID_ARGS;
  4038. }
  4039. }
  4040. ++i;
  4041. break;
  4042. }
  4043. if (dwReturn != ERROR_SUCCESS)
  4044. {
  4045. BAIL_OUT;
  4046. }
  4048. state = (state + 1) % 4;
  4049. if (state == 3)
  4050. {
  4051. lpDelimiter = TOKEN_TUPLE_DELIMITER;
  4052. }
  4053. else
  4054. {
  4055. lpDelimiter = TOKEN_FIELD_DELIMITER;
  4056. }
  4057. lpCurrentToken = _tcstok(NULL, lpDelimiter);
  4058. }
  4060. // on exiting the loop, make sure we have only had complete tuples
  4061. if ((state % 4) != 0)
  4062. {
  4063. dwReturn = ERRCODE_INVALID_ARGS;
  4064. BAIL_OUT;
  4065. }
  4067. // were we given more than we can handle?
  4068. if (i == MAX_EXEMPTION_ENTRIES)
  4069. {
  4070. dwReturn = ERRCODE_TOO_MANY_EXEMPTS;
  4071. BAIL_OUT;
  4072. }
  4074. uiNumExemptions = i;
  4075. }
  4077. if (dwReturn == ERROR_SUCCESS)
  4078. {
  4079. dwReturn = WriteRegKey(
  4080. BOOTEXEMPTKEY,
  4081. (BYTE*)aEntries,
  4082. sizeof(IPSEC_EXEMPT_ENTRY) * uiNumExemptions,
  4083. REG_BINARY
  4084. );
  4085. }
  4087. error:
  4088. delete [] aEntries;
  4090. return dwReturn;
  4091. }
  4094. ///////////////////////////////////////////////////////////////////////////////////////////
  4095. //
  4096. // Function : HandleDynamicSetConfig
  4097. //
  4098. // Date of Creation: 9-23-2001
  4099. //
  4100. // Parameters :
  4101. // IN LPCWSTR pwszMachine,
  4102. // IN OUT LPWSTR *ppwcArguments,
  4103. // IN DWORD dwCurrentIndex,
  4104. // IN DWORD dwArgCount,
  4105. // IN DWORD dwFlags,
  4106. // IN LPCVOID pvData,
  4107. // OUT BOOL *pbDone
  4108. // Return : DWORD
  4109. //
  4110. // Description : This command sets the IPSec registry keys
  4111. //
  4112. // Revision History:
  4113. //
  4114. // Date Author Comments
  4115. //
  4116. //////////////////////////////////////////////////////////////////////////////////////////
  4118. DWORD WINAPI
  4119. HandleDynamicSetConfig(
  4120. IN LPCWSTR pwszMachine,
  4121. IN OUT LPWSTR *ppwcArguments,
  4122. IN DWORD dwCurrentIndex,
  4123. IN DWORD dwArgCount,
  4124. IN DWORD dwFlags,
  4125. IN LPCVOID pvData,
  4126. OUT BOOL *pbDone
  4127. )
  4128. {
  4129. DWORD dwReturn = ERROR_SHOW_USAGE;
  4130. DWORD dwKeyType = 0;
  4131. DWORD dwKeyValue = 0;
  4132. DWORD dwCount = 0;
  4134. LPTSTR lpKeyValue = NULL;
  4136. IKE_CONFIG IKEConfig;
  4138. const TAG_TYPE vcmdDynamicSetConfig[] =
  4139. {
  4140. { CMD_TOKEN_STR_PROPERTY, NS_REQ_PRESENT, FALSE },
  4141. { CMD_TOKEN_STR_VALUE, NS_REQ_PRESENT, FALSE }
  4142. };
  4144. const TOKEN_VALUE vtokDynamicSetConfig[] =
  4145. {
  4146. { CMD_TOKEN_STR_PROPERTY, CMD_TOKEN_PROPERTY },
  4147. { CMD_TOKEN_STR_VALUE, CMD_TOKEN_VALUE }
  4148. };
  4150. PARSER_PKT parser;
  4151. ZeroMemory(&parser, sizeof(parser));
  4153. ZeroMemory( &IKEConfig, sizeof(IKE_CONFIG) );
  4155. //
  4156. // Bail out as user has not given sufficient arguments.
  4157. //
  4158. if(dwArgCount <= 3)
  4159. {
  4160. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  4161. BAIL_OUT;
  4162. }
  4163. parser.ValidTok = vtokDynamicSetConfig;
  4164. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicSetConfig);
  4166. parser.ValidCmd = vcmdDynamicSetConfig;
  4167. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicSetConfig);
  4169. //
  4170. // Get the user input after parsing the data
  4171. //
  4172. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  4174. if(dwReturn != ERROR_SUCCESS)
  4175. {
  4176. if(dwReturn == RETURN_NO_ERROR)
  4177. {
  4178. dwReturn = ERROR_NO_DISPLAY;
  4179. BAIL_OUT;
  4180. }
  4181. else
  4182. {
  4183. dwReturn = ERROR_SHOW_USAGE;
  4184. BAIL_OUT;
  4185. }
  4186. }
  4188. //
  4189. // Check for user given tokens from the parser and copy into local variables
  4190. //
  4191. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  4192. {
  4193. switch(vtokDynamicSetConfig[parser.Cmd[dwCount].dwCmdToken].dwValue)
  4194. {
  4195. case CMD_TOKEN_PROPERTY :
  4196. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4197. {
  4198. dwKeyType = *(DWORD*)parser.Cmd[dwCount].pArg;
  4199. }
  4200. break;
  4201. case CMD_TOKEN_VALUE :
  4202. lpKeyValue = (LPTSTR)parser.Cmd[dwCount].pArg;
  4203. // if it's supposed to be numeric, convert now
  4204. switch (dwKeyType)
  4205. {
  4206. case PROPERTY_BOOTMODE:
  4207. break;
  4208. case PROPERTY_BOOTEXEMP:
  4209. break;
  4210. default:
  4211. dwReturn = ConvertStringToDword(lpKeyValue, &dwKeyValue);
  4212. if (dwReturn)
  4213. {
  4214. dwReturn = ERROR_SHOW_USAGE;
  4215. BAIL_OUT;
  4216. }
  4217. else
  4218. {
  4219. parser.Cmd[dwCount].dwStatus = VALID_TOKEN;
  4220. }
  4221. break;
  4222. }
  4223. break;
  4224. default :
  4225. break;
  4226. }
  4227. }
  4229. dwReturn = GetConfigurationVariables(g_szDynamicMachine, &IKEConfig);
  4230. if(dwReturn != ERROR_SUCCESS)
  4231. {
  4232. BAIL_OUT;
  4233. }
  4235. switch(dwKeyType)
  4236. {
  4237. case PROPERTY_ENABLEDIGNO:
  4238. //
  4239. // range is from 0-7 for enable diagnostics
  4240. //
  4241. if( dwKeyValue > 7)
  4242. {
  4243. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SET_CONFIG_1);
  4244. dwReturn = ERROR_NO_DISPLAY;
  4245. BAIL_OUT;
  4246. }
  4248. dwReturn = WriteRegKey(ENABLE_DIAG, dwKeyValue);
  4249. if(dwReturn != ERROR_SUCCESS)
  4250. {
  4251. BAIL_OUT;
  4252. }
  4253. break;
  4255. case PROPERTY_IKELOG:
  4256. //
  4257. // range is from 0-2 for IKE dwEnableLogging
  4258. //
  4259. if( dwKeyValue >2)
  4260. {
  4261. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SET_CONFIG_2);
  4262. dwReturn = ERROR_NO_DISPLAY;
  4263. BAIL_OUT;
  4264. }
  4265. IKEConfig.dwEnableLogging = dwKeyValue;
  4266. dwReturn = SetConfigurationVariables(g_szDynamicMachine, IKEConfig);
  4267. if(dwReturn != ERROR_SUCCESS)
  4268. {
  4269. BAIL_OUT;
  4270. }
  4271. break;
  4273. case PROPERTY_CRLCHK:
  4274. //
  4275. // range is from 0-2 for dwStrongCRLCheck
  4276. //
  4277. if( dwKeyValue >2)
  4278. {
  4279. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SET_CONFIG_3);
  4280. dwReturn = ERROR_NO_DISPLAY;
  4281. BAIL_OUT;
  4282. }
  4283. IKEConfig.dwStrongCRLCheck = dwKeyValue;
  4284. dwReturn = SetConfigurationVariables(g_szDynamicMachine, IKEConfig);
  4285. if(dwReturn != ERROR_SUCCESS)
  4286. {
  4287. BAIL_OUT;
  4288. }
  4289. break;
  4291. case PROPERTY_LOGINTER:
  4292. //
  4293. // range is from 60-86400 for ENABLE_LOGINT
  4294. //
  4295. if(dwKeyValue < 60 || dwKeyValue > 86400)
  4296. {
  4297. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SET_CONFIG_4);
  4298. dwReturn = ERROR_NO_DISPLAY;
  4299. BAIL_OUT;
  4300. }
  4302. dwReturn = WriteRegKey(ENABLE_LOGINT, dwKeyValue);
  4303. if(dwReturn != ERROR_SUCCESS)
  4304. {
  4305. BAIL_OUT;
  4306. }
  4307. break;
  4308. case PROPERTY_EXEMPT:
  4309. //
  4310. // range is from 0-3 for ENABLE_EXEMPT
  4311. //
  4312. if( dwKeyValue >3)
  4313. {
  4314. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_SET_CONFIG_5);
  4315. dwReturn = ERROR_NO_DISPLAY;
  4316. BAIL_OUT;
  4317. }
  4319. dwReturn = WriteRegKey(ENABLE_EXEMPT, dwKeyValue);
  4320. if(dwReturn != ERROR_SUCCESS)
  4321. {
  4322. BAIL_OUT;
  4323. }
  4324. break;
  4326. case PROPERTY_BOOTMODE:
  4327. // valid values are stateful, block, permit
  4328. if( _tcsicmp(lpKeyValue, VALUE_TYPE_STATEFUL) == 0)
  4329. {
  4330. dwKeyValue = VALUE_STATEFUL;
  4331. }
  4332. else if( _tcsicmp(lpKeyValue, VALUE_TYPE_BLOCK) == 0)
  4333. {
  4334. dwKeyValue = VALUE_BLOCK;
  4335. }
  4336. else if( _tcsicmp(lpKeyValue, VALUE_TYPE_PERMIT) == 0)
  4337. {
  4338. dwKeyValue = VALUE_PERMIT;
  4339. }
  4340. else
  4341. {
  4342. dwReturn = ERROR_SHOW_USAGE;
  4343. BAIL_OUT;
  4344. }
  4346. dwReturn = WriteRegKey(BOOTMODEKEY, dwKeyValue);
  4347. if (dwReturn != ERROR_SUCCESS)
  4348. {
  4349. BAIL_OUT;
  4350. }
  4351. break;
  4353. case PROPERTY_BOOTEXEMP:
  4354. dwReturn = ParseBootExemptions(lpKeyValue);
  4355. if (dwReturn != ERROR_SUCCESS)
  4356. {
  4357. PrintErrorMessage(IPSEC_ERR, 0, dwReturn);
  4358. dwReturn = ERROR_SHOW_USAGE;
  4359. BAIL_OUT;
  4360. }
  4361. break;
  4363. default :
  4364. break;
  4365. }
  4367. error:
  4368. if(dwArgCount > 3)
  4369. {
  4370. CleanUp();
  4371. }
  4373. else if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  4374. {
  4375. //api errors
  4376. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  4377. dwReturn = ERROR_SUCCESS;
  4378. }
  4380. //already one error displayed.
  4381. if(dwReturn == ERROR_NO_DISPLAY)
  4382. {
  4383. dwReturn = ERROR_SUCCESS;
  4384. }
  4385. return dwReturn;
  4386. }
  4387. ///////////////////////////////////////////////////////////////////////////////////////////
  4388. //
  4389. // Function : HandleDynamicAddRule
  4390. //
  4391. // Date of Creation: 9-23-2001
  4392. //
  4393. // Parameters :
  4394. // IN LPCWSTR pwszMachine,
  4395. // IN OUT LPWSTR *ppwcArguments,
  4396. // IN DWORD dwCurrentIndex,
  4397. // IN DWORD dwArgCount,
  4398. // IN DWORD dwFlags,
  4399. // IN LPCVOID pvData,
  4400. // OUT BOOL *pbDone
  4401. // Return : DWORD
  4402. //
  4403. // Description : Function adds a rule (As good as Adding QMF+MMF)
  4404. //
  4405. // Revision History:
  4406. //
  4407. // Date Author Comments
  4408. //
  4409. //////////////////////////////////////////////////////////////////////////////////////////
  4412. DWORD WINAPI
  4413. HandleDynamicAddRule(
  4414. IN LPCWSTR pwszMachine,
  4415. IN OUT LPWSTR *ppwcArguments,
  4416. IN DWORD dwCurrentIndex,
  4417. IN DWORD dwArgCount,
  4418. IN DWORD dwFlags,
  4419. IN LPCVOID pvData,
  4420. OUT BOOL *pbDone
  4421. )
  4422. {
  4423. TRANSPORT_FILTER ParserTransportlFltr;
  4424. TUNNEL_FILTER ParserTunnelFltr;
  4425. MM_FILTER MMFilter;
  4426. ADDR DesAddr, SrcAddr;
  4427. FILTER_ACTION Inbound = NEGOTIATE_SECURITY, Outbound = NEGOTIATE_SECURITY;
  4428. DWORD dwReturn = ERROR_SHOW_USAGE;
  4429. DWORD dwNameLen = 0;
  4430. DWORD dwCount = 0, j = 0;
  4431. DWORD dwProtocol = 0;
  4432. DWORD dwSrcPort = 0;
  4433. DWORD dwDstPort = 0;
  4434. DWORD dwSrcSplServer = NOT_SPLSERVER;
  4435. DWORD dwDstSplServer = NOT_SPLSERVER;
  4437. BOOL bTunnel = FALSE;
  4438. BOOL bPort = FALSE;
  4439. BOOL bAuth = FALSE;
  4440. BOOL bFailMMIfExists = FALSE;
  4441. BOOL bSrcMe = FALSE;
  4442. BOOL bIsOutboundBroadcast = FALSE;
  4444. LPTSTR pszMMPolicyName = NULL;
  4445. LPTSTR pszFilterActionName = NULL;
  4446. LPTSTR pszMMFilterName = NULL;
  4447. LPTSTR pszQMFilterName = NULL;
  4449. PRULEDATA pRuleData = new RULEDATA;
  4450. if (pRuleData == NULL)
  4451. {
  4452. dwReturn = ERROR_OUTOFMEMORY;
  4453. BAIL_OUT;
  4454. }
  4455. ZeroMemory(pRuleData, sizeof(RULEDATA));
  4456. PSTA_AUTH_METHODS pKerbAuth = NULL;
  4457. PSTA_AUTH_METHODS pPskAuth = NULL;
  4458. PSTA_MM_AUTH_METHODS *ppRootcaMMAuth = NULL;
  4460. const TAG_TYPE vcmdDynamicAddRule[] =
  4461. {
  4462. { CMD_TOKEN_STR_SRCADDR, NS_REQ_PRESENT, FALSE },
  4463. { CMD_TOKEN_STR_DSTADDR, NS_REQ_PRESENT, FALSE },
  4464. { CMD_TOKEN_STR_MMPOLICY, NS_REQ_PRESENT, FALSE },
  4465. { CMD_TOKEN_STR_QMPOLICY, NS_REQ_ZERO, FALSE },
  4466. { CMD_TOKEN_STR_PROTO, NS_REQ_ZERO, FALSE },
  4467. { CMD_TOKEN_STR_SRCPORT, NS_REQ_ZERO, FALSE },
  4468. { CMD_TOKEN_STR_DSTPORT, NS_REQ_ZERO, FALSE },
  4469. { CMD_TOKEN_STR_MIRROR, NS_REQ_ZERO, FALSE },
  4470. { CMD_TOKEN_STR_CONNTYPE, NS_REQ_ZERO, FALSE },
  4471. { CMD_TOKEN_STR_INBOUND, NS_REQ_ZERO, FALSE },
  4472. { CMD_TOKEN_STR_OUTBOUND, NS_REQ_ZERO, FALSE },
  4473. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  4474. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  4475. { CMD_TOKEN_STR_TUNNELDST, NS_REQ_ZERO, FALSE },
  4476. { CMD_TOKEN_STR_FAILMMIFEXISTS, NS_REQ_ZERO, FALSE },
  4477. { CMD_TOKEN_STR_KERB, NS_REQ_ZERO, FALSE },
  4478. { CMD_TOKEN_STR_PSK, NS_REQ_ZERO, FALSE }
  4479. };
  4480. const TOKEN_VALUE vtokDynamicAddRule[] =
  4481. {
  4482. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  4483. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  4484. { CMD_TOKEN_STR_MMPOLICY, CMD_TOKEN_MMPOLICY },
  4485. { CMD_TOKEN_STR_QMPOLICY, CMD_TOKEN_QMPOLICY },
  4486. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  4487. { CMD_TOKEN_STR_SRCPORT, CMD_TOKEN_SRCPORT },
  4488. { CMD_TOKEN_STR_DSTPORT, CMD_TOKEN_DSTPORT },
  4489. { CMD_TOKEN_STR_MIRROR, CMD_TOKEN_MIRROR },
  4490. { CMD_TOKEN_STR_CONNTYPE, CMD_TOKEN_CONNTYPE },
  4491. { CMD_TOKEN_STR_INBOUND, CMD_TOKEN_INBOUND },
  4492. { CMD_TOKEN_STR_OUTBOUND, CMD_TOKEN_OUTBOUND },
  4493. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  4494. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  4495. { CMD_TOKEN_STR_TUNNELDST, CMD_TOKEN_TUNNELDST },
  4496. { CMD_TOKEN_STR_FAILMMIFEXISTS, CMD_TOKEN_FAILMMIFEXISTS},
  4497. { CMD_TOKEN_STR_KERB, CMD_TOKEN_KERB },
  4498. { CMD_TOKEN_STR_PSK, CMD_TOKEN_PSK }
  4499. };
  4501. const TOKEN_VALUE vlistDynamicAddRule[] =
  4502. {
  4503. { CMD_TOKEN_STR_ROOTCA, CMD_TOKEN_ROOTCA }
  4504. };
  4507. PARSER_PKT parser;
  4508. ZeroMemory(&parser, sizeof(parser));
  4510. memset(&MMFilter, 0, sizeof(MM_FILTER));
  4511. memset(&ParserTunnelFltr, 0, sizeof(TUNNEL_FILTER));
  4512. memset(&ParserTransportlFltr, 0, sizeof(TRANSPORT_FILTER));
  4514. SrcAddr.uIpAddr = 0x0;
  4515. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  4516. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4518. DesAddr.uIpAddr = 0x0;
  4519. DesAddr.AddrType = IP_ADDR_UNIQUE;
  4520. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4522. ParserTunnelFltr.SrcTunnelAddr.AddrType = IP_ADDR_UNIQUE;
  4523. ParserTunnelFltr.SrcTunnelAddr.uIpAddr = SUBNET_ADDRESS_ANY;
  4524. ParserTunnelFltr.SrcTunnelAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4526. ParserTunnelFltr.DesTunnelAddr.AddrType = IP_ADDR_UNIQUE;
  4527. ParserTunnelFltr.DesTunnelAddr.uIpAddr = SUBNET_ADDRESS_ANY;
  4528. ParserTunnelFltr.DesTunnelAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4530. //
  4531. // Bail out as user has not given sufficient arguments.
  4532. //
  4533. if(dwArgCount <= 3)
  4534. {
  4535. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  4536. BAIL_OUT;
  4537. }
  4538. dwReturn = LoadMMFilterDefaults(MMFilter);
  4540. parser.ValidTok = vtokDynamicAddRule;
  4541. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicAddRule);
  4543. parser.ValidCmd = vcmdDynamicAddRule;
  4544. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicAddRule);
  4546. parser.ValidList = vlistDynamicAddRule;
  4547. parser.MaxList = SIZEOF_TOKEN_VALUE(vlistDynamicAddRule);
  4549. //
  4550. // Get the user input after parsing the data
  4551. //
  4552. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  4554. if(dwReturn != ERROR_SUCCESS)
  4555. {
  4556. if(dwReturn == RETURN_NO_ERROR)
  4557. {
  4558. dwReturn = ERROR_NO_DISPLAY;
  4559. BAIL_OUT;
  4560. }
  4561. else
  4562. {
  4563. dwReturn = ERROR_SHOW_USAGE;
  4564. BAIL_OUT;
  4565. }
  4566. }
  4567. //Check for user given tokens from the parser and copy into local variables
  4568. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  4569. {
  4570. switch(vtokDynamicAddRule[parser.Cmd[dwCount].dwCmdToken].dwValue)
  4571. {
  4572. case CMD_TOKEN_FAILMMIFEXISTS:
  4573. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4574. {
  4575. bFailMMIfExists = *(BOOL *)parser.Cmd[dwCount].pArg;
  4576. }
  4577. break;
  4578. case CMD_TOKEN_MMPOLICY :
  4579. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN && (LPTSTR)parser.Cmd[dwCount].pArg)
  4580. {
  4581. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  4582. pszMMPolicyName = new _TCHAR[dwNameLen];
  4583. if(pszMMPolicyName == NULL)
  4584. {
  4585. dwReturn = ERROR_OUTOFMEMORY;
  4586. BAIL_OUT;
  4587. }
  4588. _tcsncpy(pszMMPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  4589. }
  4590. break;
  4591. case CMD_TOKEN_QMPOLICY :
  4592. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN && (LPTSTR)parser.Cmd[dwCount].pArg)
  4593. {
  4594. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  4595. pszFilterActionName = new _TCHAR[dwNameLen];
  4596. if(pszFilterActionName == NULL)
  4597. {
  4598. dwReturn = ERROR_OUTOFMEMORY;
  4599. BAIL_OUT;
  4600. }
  4601. _tcsncpy(pszFilterActionName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  4602. }
  4603. break;
  4604. case CMD_TOKEN_MIRROR :
  4605. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4606. {
  4607. MMFilter.bCreateMirror = *(BOOL *)parser.Cmd[dwCount].pArg;
  4608. }
  4609. break;
  4610. case CMD_TOKEN_CONNTYPE :
  4611. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4612. {
  4613. switch(*(DWORD *)parser.Cmd[dwCount].pArg)
  4614. {
  4615. case INTERFACE_TYPE_ALL:
  4616. MMFilter.InterfaceType = INTERFACE_TYPE_ALL;
  4617. break;
  4618. case INTERFACE_TYPE_LAN:
  4619. MMFilter.InterfaceType = INTERFACE_TYPE_LAN;
  4620. break;
  4621. case INTERFACE_TYPE_DIALUP:
  4622. MMFilter.InterfaceType = INTERFACE_TYPE_DIALUP;
  4623. break;
  4624. default :
  4625. break;
  4626. }
  4627. }
  4628. break;
  4629. case CMD_TOKEN_DSTADDR :
  4630. if (parser.Cmd[dwCount].dwStatus)
  4631. {
  4632. // special servers id is available in dwStatus
  4633. switch(parser.Cmd[dwCount].dwStatus)
  4634. {
  4635. case SERVER_WINS:
  4636. case SERVER_DHCP:
  4637. case SERVER_DNS:
  4638. case SERVER_GATEWAY:
  4639. case IP_ME:
  4640. case IP_ANY:
  4641. dwDstSplServer = parser.Cmd[dwCount].dwStatus;
  4642. break;
  4643. case NOT_SPLSERVER:
  4644. //if it is not special server get the user given IP address
  4645. MMFilter.DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4646. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4647. break;
  4648. default:
  4649. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  4650. dwReturn = ERROR_NO_DISPLAY;
  4651. BAIL_OUT;
  4652. break;
  4653. }
  4654. }
  4655. break;
  4656. case CMD_TOKEN_DSTMASK :
  4657. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4658. {
  4659. MMFilter.DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4660. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4661. }
  4662. break;
  4663. case CMD_TOKEN_SRCADDR :
  4664. if (parser.Cmd[dwCount].dwStatus)
  4665. {
  4666. // special servers id is available in dwStatus
  4667. switch(parser.Cmd[dwCount].dwStatus)
  4668. {
  4669. case IP_ME:
  4670. bSrcMe = TRUE;
  4671. // fallthrough
  4672. case SERVER_WINS:
  4673. case SERVER_DHCP:
  4674. case SERVER_DNS:
  4675. case SERVER_GATEWAY:
  4676. case IP_ANY:
  4677. dwSrcSplServer = parser.Cmd[dwCount].dwStatus;
  4678. break;
  4679. case NOT_SPLSERVER:
  4680. //if it is not special server get the user given IP address
  4681. MMFilter.SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4682. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4683. break;
  4684. default:
  4685. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  4686. dwReturn = ERROR_NO_DISPLAY;
  4687. BAIL_OUT;
  4688. break;
  4689. }
  4690. }
  4691. break;
  4692. case CMD_TOKEN_SRCMASK :
  4693. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4694. {
  4695. MMFilter.SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4696. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4697. }
  4698. break;
  4699. case CMD_TOKEN_INBOUND :
  4700. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4701. {
  4702. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  4703. {
  4704. Inbound = PASS_THRU;
  4705. }
  4706. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  4707. {
  4708. Inbound = BLOCKING;
  4709. }
  4710. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  4711. {
  4712. Inbound = NEGOTIATE_SECURITY;
  4713. }
  4714. }
  4715. break;
  4716. case CMD_TOKEN_OUTBOUND :
  4717. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4718. {
  4719. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  4720. {
  4721. Outbound = PASS_THRU;
  4722. }
  4723. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  4724. {
  4725. Outbound = BLOCKING;
  4726. }
  4727. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  4728. {
  4729. Outbound = NEGOTIATE_SECURITY;
  4730. }
  4731. }
  4732. break;
  4733. case CMD_TOKEN_SRCPORT :
  4734. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4735. {
  4736. dwSrcPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  4737. bPort = TRUE;
  4738. }
  4739. break;
  4740. case CMD_TOKEN_DSTPORT :
  4741. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4742. {
  4743. dwDstPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  4744. bPort = TRUE;
  4745. }
  4746. break;
  4747. case CMD_TOKEN_PROTO :
  4748. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4749. {
  4750. dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  4751. }
  4752. break;
  4753. case CMD_TOKEN_TUNNELDST :
  4754. if (parser.Cmd[dwCount].dwStatus)
  4755. {
  4756. //
  4757. // Special servers id is available in dwStatus
  4758. //
  4759. switch(parser.Cmd[dwCount].dwStatus)
  4760. {
  4761. case NOT_SPLSERVER:
  4762. //
  4763. // If it is not special server get the user given IP address
  4764. //
  4765. ParserTunnelFltr.DesTunnelAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  4766. bTunnel = TRUE;
  4767. ADDR addr;
  4768. addr.uIpAddr = htonl(ParserTunnelFltr.DesTunnelAddr.uIpAddr);
  4769. addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4770. if (!IsValidTunnelEndpointAddress(&addr))
  4771. {
  4772. dwReturn = ERROR_INVALID_PARAMETER;
  4773. BAIL_OUT;
  4774. }
  4775. break;
  4776. case SERVER_WINS:
  4777. case SERVER_DHCP:
  4778. case SERVER_DNS:
  4779. case SERVER_GATEWAY:
  4780. case IP_ME:
  4781. case IP_ANY:
  4782. default:
  4783. PrintMessageFromModule(g_hModule, ADD_STATIC_RULE_INVALID_TUNNEL);
  4784. dwReturn = ERROR_NO_DISPLAY;
  4785. BAIL_OUT;
  4786. break;
  4787. }
  4788. }
  4789. break;
  4790. case CMD_TOKEN_KERB :
  4791. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4792. {
  4793. pRuleData->bAuthMethodSpecified = TRUE;
  4794. ++pRuleData->AuthInfos.dwNumAuthInfos;
  4795. pKerbAuth = (PSTA_AUTH_METHODS)parser.Cmd[dwCount].pArg;
  4796. }
  4797. break;
  4798. case CMD_TOKEN_PSK :
  4799. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  4800. {
  4801. pRuleData->bAuthMethodSpecified = TRUE;
  4802. ++pRuleData->AuthInfos.dwNumAuthInfos;
  4803. pPskAuth = (PSTA_AUTH_METHODS)parser.Cmd[dwCount].pArg;
  4804. }
  4805. break;
  4806. case CMD_TOKEN_ROOTCA :
  4807. // this case is special, handled below...
  4808. break;
  4809. default :
  4810. break;
  4811. }
  4812. }
  4814. size_t uiRootcaIndex = parser.MaxTok;
  4815. if (parser.Cmd[uiRootcaIndex].dwStatus > 0)
  4816. {
  4817. pRuleData->bAuthMethodSpecified = TRUE;
  4818. pRuleData->AuthInfos.dwNumAuthInfos += parser.Cmd[uiRootcaIndex].dwStatus;
  4819. ppRootcaMMAuth = (PSTA_MM_AUTH_METHODS *)(parser.Cmd[uiRootcaIndex].pArg);
  4820. }
  4822. dwReturn = AddAllAuthMethods(pRuleData, pKerbAuth, pPskAuth, ppRootcaMMAuth, TRUE);
  4823. if (dwReturn != ERROR_SUCCESS)
  4824. {
  4825. BAIL_OUT;
  4826. }
  4828. //
  4829. // Checking Invalid conditions.
  4830. //
  4831. if((dwSrcSplServer != NOT_SPLSERVER) && (dwDstSplServer != NOT_SPLSERVER)
  4832. && (dwSrcSplServer != IP_ME) && (dwSrcSplServer != IP_ANY)
  4833. && (dwDstSplServer != IP_ME) && (dwDstSplServer != IP_ANY) )
  4834. {
  4835. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_PARSER_ADDRTYPE);
  4836. dwReturn = ERROR_NO_DISPLAY;
  4837. BAIL_OUT;
  4838. }
  4840. //
  4841. // If qmpolicy name is not given and inbound and outbound are negotiate security, then bail out
  4842. //
  4843. if((Inbound == NEGOTIATE_SECURITY || Outbound == NEGOTIATE_SECURITY) && !pszFilterActionName)
  4844. {
  4845. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_ADD_RULE_WARNING_3);
  4846. dwReturn = ERROR_NO_DISPLAY;
  4847. BAIL_OUT;
  4848. }
  4849. //
  4850. // If tunnel rule is added with mirror = yes, bail out
  4851. //
  4852. if(bTunnel && MMFilter.bCreateMirror)
  4853. {
  4854. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_ADD_RULE_WARNING_4);
  4855. dwReturn = ERROR_NO_DISPLAY;
  4856. BAIL_OUT;
  4857. }
  4859. if(dwReturn != ERROR_SUCCESS)
  4860. {
  4861. BAIL_OUT;
  4862. }
  4864. ADDR srcAddr;
  4865. ADDR dstAddr;
  4867. srcAddr.uIpAddr = ntohl(SrcAddr.uIpAddr);
  4868. srcAddr.uSubNetMask = ntohl(SrcAddr.uSubNetMask);
  4870. dstAddr.uIpAddr = ntohl(DesAddr.uIpAddr);
  4871. dstAddr.uSubNetMask = ntohl(DesAddr.uSubNetMask);
  4873. if (IsBroadcastAddress(&dstAddr) || IsMulticastAddress(&dstAddr))
  4874. {
  4875. if (MMFilter.bCreateMirror || !bSrcMe ||
  4876. ((Inbound == NEGOTIATE_SECURITY) || (Outbound == NEGOTIATE_SECURITY))
  4877. )
  4878. {
  4879. dwReturn = ERROR_INVALID_PARAMETER;
  4880. BAIL_OUT;
  4881. }
  4882. if (IsBroadcastAddress(&dstAddr))
  4883. {
  4884. bIsOutboundBroadcast = TRUE;
  4885. }
  4886. }
  4888. // don't accept subnetX <-> subnetX (same subnet) if mirrored=no
  4889. // reject subnetx-subnetx
  4890. if (!MMFilter.bCreateMirror)
  4891. {
  4892. if (IsValidSubnet(&srcAddr) && IsValidSubnet(&dstAddr) && (srcAddr.uIpAddr == dstAddr.uIpAddr))
  4893. {
  4894. dwReturn = ERROR_INVALID_PARAMETER;
  4895. BAIL_OUT;
  4896. }
  4897. }
  4899. //Src Dst addr's of MM filter should be tunnel end points if present
  4900. //
  4901. if(bTunnel)
  4902. {
  4903. AddSplAddr(MMFilter.SrcAddr, IP_ME);
  4904. MMFilter.DesAddr.uIpAddr = ParserTunnelFltr.DesTunnelAddr.uIpAddr;
  4905. MMFilter.DesAddr.AddrType = IP_ADDR_UNIQUE;
  4906. MMFilter.DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  4907. MMFilter.bCreateMirror = TRUE;
  4908. }
  4909. else
  4910. {
  4911. if(dwSrcSplServer == NOT_SPLSERVER)
  4912. {
  4913. MMFilter.SrcAddr.AddrType = (MMFilter.SrcAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  4914. }
  4915. else
  4916. {
  4917. AddSplAddr(MMFilter.SrcAddr, dwSrcSplServer);
  4918. }
  4920. if(dwDstSplServer == NOT_SPLSERVER)
  4921. {
  4922. MMFilter.DesAddr.AddrType = (MMFilter.DesAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  4923. }
  4924. else
  4925. {
  4926. AddSplAddr(MMFilter.DesAddr, dwDstSplServer);
  4927. }
  4928. }
  4930. dwReturn = CreateName(&pszMMFilterName);
  4931. if(dwReturn != ERROR_SUCCESS)
  4932. {
  4933. BAIL_OUT;
  4934. }
  4936. // we create a MM filter for any tunnel rule and for any non-tunnel rule that is not to broadcast
  4937. if (!bIsOutboundBroadcast || bTunnel)
  4938. {
  4939. dwReturn = AddMainModeFilter( pszMMFilterName, pszMMPolicyName, MMFilter, pRuleData->AuthInfos);
  4940. if (!bFailMMIfExists && (dwReturn == ERROR_IPSEC_MM_AUTH_EXISTS || dwReturn == ERROR_IPSEC_MM_FILTER_EXISTS))
  4941. {
  4942. dwReturn = ERROR_SUCCESS; // it's not actually an error, functionality requires.
  4943. // Even if MMFilter already exists, continue for QMFilter creation.
  4944. }
  4945. else if(dwReturn != ERROR_SUCCESS)
  4946. {
  4947. BAIL_OUT;
  4948. }
  4949. }
  4951. if(dwSrcSplServer == NOT_SPLSERVER)
  4952. {
  4953. SrcAddr.AddrType = (SrcAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  4954. }
  4955. else
  4956. {
  4957. AddSplAddr(SrcAddr, dwSrcSplServer);
  4958. }
  4960. //
  4961. // Destination address setting up
  4962. //
  4963. if(dwDstSplServer == NOT_SPLSERVER)
  4964. {
  4965. DesAddr.AddrType = (DesAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  4966. }
  4967. else
  4968. {
  4969. AddSplAddr(DesAddr, dwDstSplServer);
  4970. }
  4971. //
  4972. // Transport Filter data setup
  4973. //
  4974. if(!bTunnel)
  4975. {
  4976. ParserTransportlFltr.Protocol.ProtocolType = PROTOCOL_UNIQUE;
  4977. ParserTransportlFltr.Protocol.dwProtocol = dwProtocol;
  4978. ParserTransportlFltr.SrcPort.PortType = PORT_UNIQUE;
  4979. ParserTransportlFltr.SrcPort.wPort = (WORD)dwSrcPort;
  4980. ParserTransportlFltr.DesPort.PortType = PORT_UNIQUE;
  4981. ParserTransportlFltr.DesPort.wPort = (WORD)dwDstPort;
  4982. ParserTransportlFltr.SrcAddr.AddrType = SrcAddr.AddrType;
  4983. ParserTransportlFltr.SrcAddr.uIpAddr = SrcAddr.uIpAddr;
  4984. ParserTransportlFltr.SrcAddr.uSubNetMask = SrcAddr.uSubNetMask;
  4985. ParserTransportlFltr.DesAddr.AddrType = DesAddr.AddrType;
  4986. ParserTransportlFltr.DesAddr.uIpAddr = DesAddr.uIpAddr;
  4987. ParserTransportlFltr.DesAddr.uSubNetMask = DesAddr.uSubNetMask;
  4988. ParserTransportlFltr.InterfaceType = MMFilter.InterfaceType;
  4989. ParserTransportlFltr.bCreateMirror = MMFilter.bCreateMirror;
  4990. ParserTransportlFltr.InboundFilterAction = Inbound;
  4991. ParserTransportlFltr.OutboundFilterAction = Outbound;
  4993. if(!((ParserTransportlFltr.Protocol.dwProtocol == PROT_ID_TCP) || (ParserTransportlFltr.Protocol.dwProtocol == PROT_ID_UDP)))
  4994. {
  4995. ParserTransportlFltr.SrcPort.wPort = 0;
  4996. ParserTransportlFltr.DesPort.wPort = 0;
  4997. if(bPort)
  4998. {
  4999. PrintMessageFromModule(g_hModule, ERR_DYN_INVALID_PORT);
  5000. }
  5001. }
  5002. dwReturn = CreateName(&pszQMFilterName);
  5003. if(dwReturn != ERROR_SUCCESS)
  5004. {
  5005. BAIL_OUT;
  5006. }
  5007. dwReturn = AddQuickModeFilter( pszQMFilterName, pszFilterActionName, ParserTransportlFltr);
  5008. }
  5009. //
  5010. // Tunnel filter data setup
  5011. //
  5012. else
  5013. {
  5014. ParserTunnelFltr.Protocol.ProtocolType = PROTOCOL_UNIQUE;
  5015. ParserTunnelFltr.Protocol.dwProtocol = dwProtocol;
  5016. ParserTunnelFltr.SrcPort.PortType = PORT_UNIQUE;
  5017. ParserTunnelFltr.SrcPort.wPort = (WORD)dwSrcPort;
  5018. ParserTunnelFltr.DesPort.PortType = PORT_UNIQUE;
  5019. ParserTunnelFltr.DesPort.wPort = (WORD)dwDstPort;
  5020. ParserTunnelFltr.InterfaceType = MMFilter.InterfaceType;
  5021. ParserTunnelFltr.bCreateMirror = FALSE;
  5022. ParserTunnelFltr.InboundFilterAction = Inbound;
  5023. ParserTunnelFltr.OutboundFilterAction = Outbound;
  5024. ParserTunnelFltr.SrcAddr.AddrType = SrcAddr.AddrType;
  5025. ParserTunnelFltr.SrcAddr.uIpAddr = SrcAddr.uIpAddr;
  5026. ParserTunnelFltr.SrcAddr.uSubNetMask = SrcAddr.uSubNetMask;
  5027. ParserTunnelFltr.DesAddr.AddrType = DesAddr.AddrType;
  5028. ParserTunnelFltr.DesAddr.uIpAddr = DesAddr.uIpAddr;
  5029. ParserTunnelFltr.DesAddr.uSubNetMask = DesAddr.uSubNetMask;
  5031. //
  5032. // Fill addr type, mask and uIpaddr for special server for tunnel source
  5033. //
  5034. AddSplAddr(ParserTunnelFltr.SrcTunnelAddr, IP_ANY);
  5035. ParserTunnelFltr.SrcTunnelAddr.pgInterfaceID = NULL;
  5037. //
  5038. // Fill addr type, mask and uIpaddr for special server for tunnel destination
  5039. //
  5040. ParserTunnelFltr.DesTunnelAddr.AddrType = (ParserTunnelFltr.DesTunnelAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  5041. ParserTunnelFltr.DesTunnelAddr.pgInterfaceID = NULL;
  5043. if(!((ParserTunnelFltr.Protocol.dwProtocol == PROT_ID_TCP) || (ParserTunnelFltr.Protocol.dwProtocol == PROT_ID_UDP)))
  5044. {
  5045. ParserTunnelFltr.SrcPort.wPort = 0;
  5046. ParserTunnelFltr.DesPort.wPort = 0;
  5047. if(bPort)
  5048. {
  5049. PrintMessageFromModule(g_hModule, ERR_DYN_INVALID_PORT);
  5050. }
  5051. }
  5052. dwReturn = CreateName(&pszQMFilterName);
  5053. if(dwReturn == ERROR_SUCCESS)
  5054. {
  5055. dwReturn = AddQuickModeFilter( pszQMFilterName, pszFilterActionName, ParserTunnelFltr);
  5056. }
  5057. }
  5059. error:
  5060. CleanupAuthData(&pKerbAuth, &pPskAuth, ppRootcaMMAuth);
  5061. CleanUpLocalRuleDataStructure(pRuleData);
  5062. pRuleData = NULL;
  5064. if(ParserTransportlFltr.pszFilterName)
  5065. {
  5066. delete [] ParserTransportlFltr.pszFilterName;
  5067. }
  5069. if(ParserTunnelFltr.pszFilterName)
  5070. {
  5071. delete[] ParserTunnelFltr.pszFilterName;
  5072. }
  5074. if(MMFilter.pszFilterName)
  5075. {
  5076. delete [] MMFilter.pszFilterName;
  5077. }
  5079. if(pszMMPolicyName)
  5080. {
  5081. delete [] pszMMPolicyName;
  5082. }
  5084. if(pszFilterActionName)
  5085. {
  5086. delete [] pszFilterActionName;
  5087. }
  5089. if(pszMMFilterName)
  5090. {
  5091. delete [] pszMMFilterName;
  5092. }
  5094. if(pszQMFilterName)
  5095. {
  5096. delete [] pszQMFilterName;
  5097. }
  5099. if(dwArgCount > 3)
  5100. {
  5101. CleanUp();
  5102. }
  5104. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE) && (dwReturn != ERROR_NO_DISPLAY))
  5105. {
  5106. //api errors
  5107. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  5108. dwReturn = ERROR_SUCCESS;
  5109. }
  5111. //already one error displayed.
  5112. if(dwReturn == ERROR_NO_DISPLAY)
  5113. {
  5114. dwReturn = ERROR_SUCCESS;
  5115. }
  5117. return dwReturn;
  5118. }
  5121. ///////////////////////////////////////////////////////////////////////////////////////////
  5122. //
  5123. // Function : HandleDynamicSetRule
  5124. //
  5125. // Date of Creation: 9-23-2001
  5126. //
  5127. // Parameters :
  5128. // IN LPCWSTR pwszMachine,
  5129. // IN OUT LPWSTR *ppwcArguments,
  5130. // IN DWORD dwCurrentIndex,
  5131. // IN DWORD dwArgCount,
  5132. // IN DWORD dwFlags,
  5133. // IN LPCVOID pvData,
  5134. // OUT BOOL *pbDone
  5135. // Return : DWORD
  5136. //
  5137. // Description :
  5138. //
  5139. // Revision History:
  5140. //
  5141. // Date Author Comments
  5142. //
  5143. //////////////////////////////////////////////////////////////////////////////////////////
  5144. DWORD WINAPI
  5145. HandleDynamicSetRule(
  5146. IN LPCWSTR pwszMachine,
  5147. IN OUT LPWSTR *ppwcArguments,
  5148. IN DWORD dwCurrentIndex,
  5149. IN DWORD dwArgCount,
  5150. IN DWORD dwFlags,
  5151. IN LPCVOID pvData,
  5152. OUT BOOL *pbDone
  5153. )
  5154. {
  5155. PTRANSPORT_FILTER pTransportFltr = NULL;
  5156. PTUNNEL_FILTER pTunnelFltr = NULL;
  5157. PMM_FILTER pMMFltr = NULL;
  5158. ADDR DesAddr, SrcAddr, SrcTunnel, DstTunnel;
  5159. FILTER_ACTION Inbound = FILTER_ACTION_MAX, Outbound = FILTER_ACTION_MAX;
  5160. IF_TYPE InterfaceType = INTERFACE_TYPE_ALL;
  5161. DWORD dwReturn = ERROR_SHOW_USAGE;
  5162. DWORD dwNameLen = 0;
  5163. DWORD dwCount = 0, j = 0;
  5164. DWORD dwProtocol = 0;
  5165. DWORD dwSrcPort = 0;
  5166. DWORD dwDstPort = 0;
  5167. DWORD dwSrcSplServer = NOT_SPLSERVER;
  5168. DWORD dwDstSplServer = NOT_SPLSERVER;
  5170. BOOL bTunnel = FALSE;
  5171. BOOL bSrcMask = FALSE;
  5172. BOOL bDstMask = FALSE;
  5173. BOOL bInbound = FALSE;
  5174. BOOL bOutbound = FALSE;
  5175. BOOL bAuth = FALSE;
  5176. BOOL bMirror = TRUE;
  5177. BOOL bSrcMe = FALSE;
  5178. BOOL bIsOutboundBroadcast = FALSE;
  5180. LPTSTR pszMMPolicyName = NULL;
  5181. LPTSTR pszFilterActionName = NULL;
  5183. PRULEDATA pRuleData = new RULEDATA;
  5184. if (pRuleData == NULL)
  5185. {
  5186. dwReturn = ERROR_OUTOFMEMORY;
  5187. BAIL_OUT;
  5188. }
  5189. ZeroMemory(pRuleData, sizeof(RULEDATA));
  5190. PSTA_AUTH_METHODS pKerbAuth = NULL;
  5191. PSTA_AUTH_METHODS pPskAuth = NULL;
  5192. PSTA_MM_AUTH_METHODS *ppRootcaMMAuth = NULL;
  5194. const TAG_TYPE vcmdDynamicSetRule[] =
  5195. {
  5196. { CMD_TOKEN_STR_SRCADDR, NS_REQ_PRESENT, FALSE },
  5197. { CMD_TOKEN_STR_DSTADDR, NS_REQ_PRESENT, FALSE },
  5198. { CMD_TOKEN_STR_PROTO, NS_REQ_PRESENT, FALSE },
  5199. { CMD_TOKEN_STR_SRCPORT, NS_REQ_PRESENT, FALSE },
  5200. { CMD_TOKEN_STR_DSTPORT, NS_REQ_PRESENT, FALSE },
  5201. { CMD_TOKEN_STR_MIRROR, NS_REQ_PRESENT, FALSE },
  5202. { CMD_TOKEN_STR_CONNTYPE, NS_REQ_PRESENT, FALSE },
  5203. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  5204. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  5205. { CMD_TOKEN_STR_TUNNELDST, NS_REQ_ZERO, FALSE },
  5206. { CMD_TOKEN_STR_MMPOLICY, NS_REQ_ZERO, FALSE },
  5207. { CMD_TOKEN_STR_QMPOLICY, NS_REQ_ZERO, FALSE },
  5208. { CMD_TOKEN_STR_INBOUND, NS_REQ_ZERO, FALSE },
  5209. { CMD_TOKEN_STR_OUTBOUND, NS_REQ_ZERO, FALSE },
  5210. { CMD_TOKEN_STR_KERB, NS_REQ_ZERO, FALSE },
  5211. { CMD_TOKEN_STR_PSK, NS_REQ_ZERO, FALSE }
  5212. };
  5213. const TOKEN_VALUE vtokDynamicSetRule[] =
  5214. {
  5215. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  5216. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  5217. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  5218. { CMD_TOKEN_STR_SRCPORT, CMD_TOKEN_SRCPORT },
  5219. { CMD_TOKEN_STR_DSTPORT, CMD_TOKEN_DSTPORT },
  5220. { CMD_TOKEN_STR_MIRROR, CMD_TOKEN_MIRROR },
  5221. { CMD_TOKEN_STR_CONNTYPE, CMD_TOKEN_CONNTYPE },
  5222. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  5223. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  5224. { CMD_TOKEN_STR_TUNNELDST, CMD_TOKEN_TUNNELDST },
  5225. { CMD_TOKEN_STR_MMPOLICY, CMD_TOKEN_MMPOLICY },
  5226. { CMD_TOKEN_STR_QMPOLICY, CMD_TOKEN_QMPOLICY },
  5227. { CMD_TOKEN_STR_INBOUND, CMD_TOKEN_INBOUND },
  5228. { CMD_TOKEN_STR_OUTBOUND, CMD_TOKEN_OUTBOUND },
  5229. { CMD_TOKEN_STR_KERB, CMD_TOKEN_KERB },
  5230. { CMD_TOKEN_STR_PSK, CMD_TOKEN_PSK }
  5231. };
  5233. const TOKEN_VALUE vlistDynamicSetRule[] =
  5234. {
  5235. { CMD_TOKEN_STR_ROOTCA, CMD_TOKEN_ROOTCA },
  5236. };
  5238. PARSER_PKT parser;
  5239. ZeroMemory(&parser, sizeof(parser));
  5241. SrcAddr.uIpAddr = 0x0;
  5242. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  5243. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5245. DesAddr.uIpAddr = 0x0;
  5246. DesAddr.AddrType = IP_ADDR_UNIQUE;
  5247. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5249. SrcTunnel.uIpAddr = 0x0;
  5250. SrcTunnel.AddrType = IP_ADDR_UNIQUE;
  5251. SrcTunnel.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5253. DstTunnel.uIpAddr = 0x0;
  5254. DstTunnel.AddrType = IP_ADDR_UNIQUE;
  5255. DstTunnel.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5257. // Bail out as user has not given sufficient arguments.
  5258. if(dwArgCount <= 3)
  5259. {
  5260. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  5261. BAIL_OUT;
  5262. }
  5264. parser.ValidTok = vtokDynamicSetRule;
  5265. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicSetRule);
  5267. parser.ValidCmd = vcmdDynamicSetRule;
  5268. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicSetRule);
  5270. parser.ValidList = vlistDynamicSetRule;
  5271. parser.MaxList = SIZEOF_TOKEN_VALUE(vlistDynamicSetRule);
  5273. //
  5274. // Get the user input after parsing the data
  5275. //
  5276. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  5278. if(dwReturn != ERROR_SUCCESS)
  5279. {
  5280. if(dwReturn == RETURN_NO_ERROR)
  5281. {
  5282. dwReturn = ERROR_NO_DISPLAY;
  5283. BAIL_OUT;
  5284. }
  5285. else
  5286. {
  5287. dwReturn = ERROR_SHOW_USAGE;
  5288. BAIL_OUT;
  5289. }
  5290. }
  5291. //
  5292. // Check for user given tokens from the parser and copy into local variables
  5293. //
  5294. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  5295. {
  5296. switch(vtokDynamicSetRule[parser.Cmd[dwCount].dwCmdToken].dwValue)
  5297. {
  5298. case CMD_TOKEN_MMPOLICY :
  5299. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN && (LPTSTR)parser.Cmd[dwCount].pArg)
  5300. {
  5301. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  5302. pszMMPolicyName = new _TCHAR[dwNameLen];
  5303. if(pszMMPolicyName == NULL)
  5304. {
  5305. dwReturn = ERROR_OUTOFMEMORY;
  5306. BAIL_OUT;
  5307. }
  5308. _tcsncpy(pszMMPolicyName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  5309. }
  5310. break;
  5311. case CMD_TOKEN_QMPOLICY :
  5312. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN && (LPTSTR)parser.Cmd[dwCount].pArg)
  5313. {
  5314. dwNameLen = _tcslen((LPTSTR)parser.Cmd[dwCount].pArg)+1;
  5315. pszFilterActionName = new _TCHAR[dwNameLen];
  5316. if(pszFilterActionName == NULL)
  5317. {
  5318. dwReturn = ERROR_OUTOFMEMORY;
  5319. BAIL_OUT;
  5320. }
  5321. _tcsncpy(pszFilterActionName, (LPTSTR)parser.Cmd[dwCount].pArg, dwNameLen);
  5322. }
  5323. break;
  5324. case CMD_TOKEN_MIRROR :
  5325. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5326. {
  5327. bMirror = *(BOOL *)parser.Cmd[dwCount].pArg;
  5328. }
  5329. break;
  5330. case CMD_TOKEN_CONNTYPE :
  5331. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5332. {
  5333. switch(*(DWORD *)parser.Cmd[dwCount].pArg)
  5334. {
  5335. case INTERFACE_TYPE_ALL:
  5336. InterfaceType = INTERFACE_TYPE_ALL;
  5337. break;
  5338. case INTERFACE_TYPE_LAN:
  5339. InterfaceType = INTERFACE_TYPE_LAN;
  5340. break;
  5341. case INTERFACE_TYPE_DIALUP:
  5342. InterfaceType = INTERFACE_TYPE_DIALUP;
  5343. break;
  5344. default :
  5345. break;
  5346. }
  5347. }
  5348. break;
  5349. case CMD_TOKEN_DSTADDR :
  5350. if (parser.Cmd[dwCount].dwStatus)
  5351. {
  5352. //
  5353. // special servers id is available in dwStatus
  5354. //
  5355. switch(parser.Cmd[dwCount].dwStatus)
  5356. {
  5357. case SERVER_WINS:
  5358. case SERVER_DHCP:
  5359. case SERVER_DNS:
  5360. case SERVER_GATEWAY:
  5361. case IP_ME:
  5362. case IP_ANY:
  5363. dwDstSplServer = parser.Cmd[dwCount].dwStatus;
  5364. break;
  5365. case NOT_SPLSERVER:
  5366. //
  5367. // if it is not special server get the user given IP address
  5368. //
  5369. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  5370. break;
  5371. default:
  5372. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  5373. dwReturn = ERROR_NO_DISPLAY;
  5374. BAIL_OUT;
  5375. break;
  5376. }
  5377. }
  5378. break;
  5379. case CMD_TOKEN_DSTMASK :
  5380. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5381. {
  5382. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  5383. bDstMask = TRUE;
  5384. }
  5385. break;
  5386. case CMD_TOKEN_SRCADDR :
  5387. if (parser.Cmd[dwCount].dwStatus)
  5388. {
  5389. //
  5390. // special servers id is available in dwStatus
  5391. //
  5392. switch(parser.Cmd[dwCount].dwStatus)
  5393. {
  5394. case IP_ME:
  5395. bSrcMe = TRUE;
  5396. // fallthrough
  5397. case SERVER_WINS:
  5398. case SERVER_DHCP:
  5399. case SERVER_DNS:
  5400. case SERVER_GATEWAY:
  5401. case IP_ANY:
  5402. dwSrcSplServer = parser.Cmd[dwCount].dwStatus;
  5403. break;
  5404. case NOT_SPLSERVER:
  5405. //
  5406. // if it is not special server get the user given IP address
  5407. //
  5408. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  5409. break;
  5410. default:
  5411. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  5412. dwReturn = ERROR_NO_DISPLAY;
  5413. BAIL_OUT;
  5414. break;
  5415. }
  5416. }
  5417. break;
  5418. case CMD_TOKEN_SRCMASK :
  5419. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5420. {
  5421. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  5422. bSrcMask = TRUE;
  5423. }
  5424. break;
  5425. case CMD_TOKEN_INBOUND :
  5426. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5427. {
  5428. bInbound = TRUE;
  5429. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  5430. {
  5431. Inbound = PASS_THRU;
  5432. }
  5433. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  5434. {
  5435. Inbound = BLOCKING;
  5436. }
  5437. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  5438. {
  5439. Inbound = NEGOTIATE_SECURITY;
  5440. }
  5441. else
  5442. {
  5443. bInbound = FALSE;
  5444. }
  5445. }
  5446. break;
  5447. case CMD_TOKEN_OUTBOUND :
  5448. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5449. {
  5450. bOutbound = TRUE;
  5451. if(*(DWORD *)parser.Cmd[dwCount].pArg==1)
  5452. {
  5453. Outbound = PASS_THRU;
  5454. }
  5455. else if(*(DWORD *)parser.Cmd[dwCount].pArg==2)
  5456. {
  5457. Outbound = BLOCKING;
  5458. }
  5459. else if(*(DWORD *)parser.Cmd[dwCount].pArg==3)
  5460. {
  5461. Outbound = NEGOTIATE_SECURITY;
  5462. }
  5463. else
  5464. {
  5465. bOutbound = FALSE;
  5466. }
  5467. }
  5468. break;
  5469. case CMD_TOKEN_SRCPORT :
  5470. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5471. {
  5472. dwSrcPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  5473. }
  5474. break;
  5475. case CMD_TOKEN_DSTPORT :
  5476. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5477. {
  5478. dwDstPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  5479. }
  5480. break;
  5481. case CMD_TOKEN_PROTO :
  5482. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5483. {
  5484. dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  5485. }
  5486. break;
  5487. case CMD_TOKEN_TUNNELDST :
  5488. if (parser.Cmd[dwCount].dwStatus)
  5489. {
  5490. //
  5491. // special servers id is available in dwStatus
  5492. //
  5493. switch(parser.Cmd[dwCount].dwStatus)
  5494. {
  5495. case NOT_SPLSERVER:
  5496. //
  5497. // if it is not special server get the user given IP address
  5498. //
  5499. DstTunnel.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  5500. ADDR addr;
  5501. addr.uIpAddr = htonl(DstTunnel.uIpAddr);
  5502. addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5503. bTunnel = TRUE;
  5504. if (!IsValidTunnelEndpointAddress(&addr))
  5505. {
  5506. dwReturn = ERROR_INVALID_PARAMETER;
  5507. BAIL_OUT;
  5508. }
  5509. break;
  5510. case SERVER_WINS:
  5511. case SERVER_DHCP:
  5512. case SERVER_DNS:
  5513. case SERVER_GATEWAY:
  5514. case IP_ME:
  5515. case IP_ANY:
  5516. default:
  5517. PrintMessageFromModule(g_hModule, ADD_STATIC_RULE_INVALID_TUNNEL);
  5518. dwReturn = ERROR_NO_DISPLAY;
  5519. BAIL_OUT;
  5520. break;
  5521. }
  5522. }
  5523. break;
  5524. case CMD_TOKEN_KERB :
  5525. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5526. {
  5527. pRuleData->bAuthMethodSpecified = TRUE;
  5528. ++pRuleData->AuthInfos.dwNumAuthInfos;
  5529. pKerbAuth = (PSTA_AUTH_METHODS)parser.Cmd[dwCount].pArg;
  5530. }
  5531. break;
  5532. case CMD_TOKEN_PSK :
  5533. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5534. {
  5535. pRuleData->bAuthMethodSpecified = TRUE;
  5536. ++pRuleData->AuthInfos.dwNumAuthInfos;
  5537. pPskAuth = (PSTA_AUTH_METHODS)parser.Cmd[dwCount].pArg;
  5538. }
  5539. break;
  5540. case CMD_TOKEN_ROOTCA :
  5541. // this case is special, handled below...
  5542. break;
  5543. default :
  5544. break;
  5545. }
  5546. }
  5548. size_t uiRootcaIndex = parser.MaxTok;
  5549. if (parser.Cmd[uiRootcaIndex].dwStatus > 0)
  5550. {
  5551. pRuleData->bAuthMethodSpecified = TRUE;
  5552. pRuleData->AuthInfos.dwNumAuthInfos += parser.Cmd[uiRootcaIndex].dwStatus;
  5553. ppRootcaMMAuth = (PSTA_MM_AUTH_METHODS *)(parser.Cmd[uiRootcaIndex].pArg);
  5554. }
  5556. dwReturn = AddAllAuthMethods(pRuleData, pKerbAuth, pPskAuth, ppRootcaMMAuth, FALSE);
  5557. if (dwReturn != ERROR_SUCCESS)
  5558. {
  5559. BAIL_OUT;
  5560. }
  5562. //
  5563. // Invalid conditions
  5564. //
  5565. if((dwSrcSplServer != NOT_SPLSERVER) && (dwDstSplServer != NOT_SPLSERVER)
  5566. && (dwSrcSplServer != IP_ME) && (dwSrcSplServer != IP_ANY)
  5567. && (dwDstSplServer != IP_ME) && (dwDstSplServer != IP_ANY))
  5568. {
  5569. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_PARSER_ADDRTYPE);
  5570. dwReturn = ERROR_NO_DISPLAY;
  5571. BAIL_OUT;
  5572. }
  5574. //
  5575. // Source address setting up
  5576. //
  5577. if(dwSrcSplServer == NOT_SPLSERVER)
  5578. {
  5579. SrcAddr.AddrType = (SrcAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  5580. }
  5581. else
  5582. {
  5583. AddSplAddr(SrcAddr, dwSrcSplServer);
  5584. }
  5586. //
  5587. // Destination address setting up
  5588. //
  5589. if(dwDstSplServer == NOT_SPLSERVER)
  5590. {
  5591. DesAddr.AddrType = (DesAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  5592. }
  5593. else
  5594. {
  5595. AddSplAddr(DesAddr, dwDstSplServer);
  5596. }
  5598. ADDR tmpAddr;
  5599. tmpAddr.uIpAddr = ntohl(DesAddr.uIpAddr);
  5600. tmpAddr.uSubNetMask = ntohl(DesAddr.uSubNetMask);
  5601. if (IsBroadcastAddress(&tmpAddr) || IsMulticastAddress(&tmpAddr))
  5602. {
  5603. if (bMirror || !bSrcMe ||
  5604. ((Inbound == NEGOTIATE_SECURITY) || (Outbound == NEGOTIATE_SECURITY))
  5605. )
  5606. {
  5607. dwReturn = ERROR_INVALID_PARAMETER;
  5608. BAIL_OUT;
  5609. }
  5610. if (IsBroadcastAddress(&tmpAddr))
  5611. {
  5612. bIsOutboundBroadcast = TRUE;
  5613. }
  5614. }
  5616. //
  5617. // Check if the given MMFilter spec exists
  5618. if (bTunnel)
  5619. {
  5620. AddSplAddr(SrcTunnel, IP_ME);
  5621. if(FindAndGetMMFilterRule(SrcTunnel, DstTunnel, TRUE, InterfaceType, bSrcMask, bDstMask, &pMMFltr, dwReturn))
  5622. {
  5623. dwReturn = SetDynamicMMFilterRule( pszMMPolicyName, *(pMMFltr), pRuleData->AuthInfos);
  5624. }
  5625. else
  5626. {
  5627. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_MMFILTER);
  5628. dwReturn = ERROR_SUCCESS;
  5629. BAIL_OUT;
  5630. }
  5631. }
  5632. else
  5633. {
  5634. // no MM filter if outbound is broadcast and not a tunnel rule
  5635. if (!bIsOutboundBroadcast)
  5636. {
  5637. if(FindAndGetMMFilterRule(SrcAddr, DesAddr, bMirror, InterfaceType, bSrcMask, bDstMask, &pMMFltr, dwReturn))
  5638. {
  5639. dwReturn = SetDynamicMMFilterRule( pszMMPolicyName, *(pMMFltr), pRuleData->AuthInfos);
  5640. }
  5641. else
  5642. {
  5643. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_MMFILTER);
  5644. dwReturn = ERROR_SUCCESS;
  5645. BAIL_OUT;
  5646. }
  5647. }
  5648. }
  5649. //
  5650. // Check if the given Transport spec exists
  5651. //
  5652. if(!bTunnel)
  5653. {
  5654. if(FindAndGetTransportRule(SrcAddr, DesAddr, bMirror, InterfaceType, dwProtocol, dwSrcPort, dwDstPort,
  5655. bSrcMask, bDstMask, &pTransportFltr, dwReturn))
  5656. {
  5657. dwReturn = SetTransportRule(*(pTransportFltr), pszFilterActionName, Inbound, Outbound);
  5658. }
  5659. else
  5660. {
  5661. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_TRANSPORT);
  5662. dwReturn = ERROR_SUCCESS;
  5663. BAIL_OUT;
  5664. }
  5665. }
  5666. //
  5667. // Check if the given Tunnel spec exists
  5668. //
  5669. else
  5670. {
  5671. AddSplAddr(SrcTunnel, IP_ANY);
  5672. if(FindAndGetTunnelRule(SrcAddr, DesAddr, bMirror, InterfaceType, dwProtocol, dwSrcPort, dwDstPort,
  5673. bSrcMask, bDstMask, SrcTunnel, DstTunnel, &pTunnelFltr, dwReturn))
  5674. {
  5675. dwReturn = SetTunnelRule(*(pTunnelFltr), pszFilterActionName, Inbound, Outbound);
  5676. }
  5677. else
  5678. {
  5679. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_TUNNEL);
  5680. dwReturn = ERROR_SUCCESS;
  5681. }
  5682. }
  5684. error:
  5685. CleanupAuthData(&pKerbAuth, &pPskAuth, ppRootcaMMAuth);
  5686. CleanUpLocalRuleDataStructure(pRuleData);
  5687. pRuleData = NULL;
  5689. if(pszMMPolicyName)
  5690. {
  5691. delete [] pszMMPolicyName;
  5692. }
  5694. if(pszFilterActionName)
  5695. {
  5696. delete [] pszFilterActionName;
  5697. }
  5699. if(pMMFltr)
  5700. {
  5701. if(pMMFltr->pszFilterName)
  5702. {
  5703. delete [] pMMFltr->pszFilterName;
  5704. }
  5705. delete pMMFltr;
  5706. }
  5708. if(pTransportFltr)
  5709. {
  5710. if(pTransportFltr->pszFilterName)
  5711. {
  5712. delete [] pTransportFltr->pszFilterName;
  5713. }
  5714. delete pTransportFltr;
  5715. }
  5717. if(pTunnelFltr)
  5718. {
  5719. if(pTunnelFltr->pszFilterName)
  5720. {
  5721. delete [] pTunnelFltr->pszFilterName;
  5722. }
  5723. delete pTunnelFltr;
  5724. }
  5726. if(dwArgCount > 3)
  5727. {
  5728. CleanUp();
  5729. }
  5731. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  5732. {
  5733. //api errors
  5734. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  5735. dwReturn = ERROR_SUCCESS;
  5736. }
  5738. //already one error displayed.
  5739. if(dwReturn == ERROR_NO_DISPLAY)
  5740. {
  5741. dwReturn = ERROR_SUCCESS;
  5742. }
  5744. return dwReturn;
  5745. }
  5747. ///////////////////////////////////////////////////////////////////////////////////////////
  5748. //
  5749. // Function : DeleteIfLastRuleOfMMFilter
  5750. //
  5751. // Date of Creation: 05-19-02
  5752. //
  5753. // Parameters : IN ADDR SrcAddr,
  5754. // IN ADDR DstAddr,
  5755. // IN BOOL bMirror,
  5756. // IN IF_TYPE ConType,
  5757. // IN BOOL bSrcMask,
  5758. // IN BOOL bDstMask,
  5759. // IN OUT DWORD& dwStatus
  5760. //
  5761. //Return : BOOL
  5762. //
  5763. //Description : Deterimines if there exists any transport or tunnel filters
  5764. // may require a MM filter. If not, then it deletes the
  5765. // respective MM filter.
  5766. //
  5767. //Revision History :
  5768. //
  5769. // Date Author Comments
  5770. //
  5771. //////////////////////////////////////////////////////////////////////////////////////////
  5773. DWORD
  5774. DeleteIfLastRuleOfMMFilter(
  5775. IN ADDR SrcAddr,
  5776. IN ADDR DesAddr,
  5777. IN BOOL bMirror,
  5778. IN IF_TYPE InterfaceType,
  5779. IN BOOL bSrcMask,
  5780. IN BOOL bDstMask,
  5781. IN OUT DWORD& dwStatus
  5782. )
  5783. {
  5784. BOOL bLastRuleOfMMFilter = FALSE;
  5785. DWORD dwReturn = ERROR_SUCCESS;
  5786. PMM_FILTER pMMFltr = NULL;
  5788. bLastRuleOfMMFilter = IsLastRuleOfMMFilter(
  5789. SrcAddr,
  5790. DesAddr,
  5791. bMirror,
  5792. InterfaceType,
  5793. bSrcMask,
  5794. bDstMask,
  5795. dwReturn
  5796. );
  5797. if (!dwReturn && bLastRuleOfMMFilter) {
  5798. //
  5799. // Check if the given MMFilter spec exists
  5800. //
  5802. if(FindAndGetMMFilterRule(SrcAddr, DesAddr, bMirror, InterfaceType, bSrcMask, bDstMask, &pMMFltr, dwReturn))
  5803. {
  5804. dwReturn = DeleteMMFilterRule(*(pMMFltr));
  5805. }
  5806. else
  5807. {
  5808. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_MMFILTER);
  5809. dwReturn = ERROR_SUCCESS; //This is to support multiple QMFilters will have
  5810. BAIL_OUT; //single MMFilter
  5811. }
  5812. }
  5814. error:
  5815. dwStatus = dwReturn;
  5817. if(pMMFltr)
  5818. {
  5819. if(pMMFltr->pszFilterName)
  5820. delete [] pMMFltr->pszFilterName;
  5821. delete pMMFltr;
  5822. }
  5824. return dwReturn;
  5825. }
  5827. ///////////////////////////////////////////////////////////////////////////////////////////
  5828. //
  5829. // Function : HandleDynamicDeleteRule
  5830. //
  5831. // Date of Creation: 9-23-2001
  5832. //
  5833. // Parameters :
  5834. // IN LPCWSTR pwszMachine,
  5835. // IN OUT LPWSTR *ppwcArguments,
  5836. // IN DWORD dwCurrentIndex,
  5837. // IN DWORD dwArgCount,
  5838. // IN DWORD dwFlags,
  5839. // IN LPCVOID pvData,
  5840. // OUT BOOL *pbDone
  5841. // Return : DWORD
  5842. //
  5843. // Description :
  5844. //
  5845. // Revision History:
  5846. //
  5847. // Date Author Comments
  5848. //
  5849. //////////////////////////////////////////////////////////////////////////////////////////
  5851. DWORD WINAPI
  5852. HandleDynamicDeleteRule(
  5853. IN LPCWSTR pwszMachine,
  5854. IN OUT LPWSTR *ppwcArguments,
  5855. IN DWORD dwCurrentIndex,
  5856. IN DWORD dwArgCount,
  5857. IN DWORD dwFlags,
  5858. IN LPCVOID pvData,
  5859. OUT BOOL *pbDone
  5860. )
  5861. {
  5862. PTRANSPORT_FILTER pTransportFltr = NULL;
  5863. PTUNNEL_FILTER pTunnelFltr = NULL;
  5864. ADDR DesAddr, SrcAddr, SrcTunnel, DstTunnel;
  5865. IF_TYPE InterfaceType = INTERFACE_TYPE_ALL;
  5866. DWORD dwReturn = ERROR_SHOW_USAGE;
  5867. DWORD dwCount = 0;
  5868. DWORD dwProtocol = 0;
  5869. DWORD dwSrcPort = 0;
  5870. DWORD dwDstPort = 0;
  5871. DWORD dwSrcSplServer = NOT_SPLSERVER;
  5872. DWORD dwDstSplServer = NOT_SPLSERVER;
  5873. BOOL bTunnel = FALSE;
  5874. BOOL bSrcMask = FALSE;
  5875. BOOL bDstMask = FALSE;
  5876. BOOL bMirror = TRUE;
  5877. const TAG_TYPE vcmdDynamicDeleteRule[] =
  5878. {
  5879. { CMD_TOKEN_STR_SRCADDR, NS_REQ_PRESENT, FALSE },
  5880. { CMD_TOKEN_STR_DSTADDR, NS_REQ_PRESENT, FALSE },
  5881. { CMD_TOKEN_STR_PROTO, NS_REQ_PRESENT, FALSE },
  5882. { CMD_TOKEN_STR_SRCPORT, NS_REQ_PRESENT, FALSE },
  5883. { CMD_TOKEN_STR_DSTPORT, NS_REQ_PRESENT, FALSE },
  5884. { CMD_TOKEN_STR_MIRROR, NS_REQ_PRESENT, FALSE },
  5885. { CMD_TOKEN_STR_CONNTYPE, NS_REQ_PRESENT, FALSE },
  5886. { CMD_TOKEN_STR_SRCMASK, NS_REQ_ZERO, FALSE },
  5887. { CMD_TOKEN_STR_DSTMASK, NS_REQ_ZERO, FALSE },
  5888. { CMD_TOKEN_STR_TUNNELDST, NS_REQ_ZERO, FALSE }
  5889. };
  5890. const TOKEN_VALUE vtokDynamicDeleteRule[] =
  5891. {
  5892. { CMD_TOKEN_STR_SRCADDR, CMD_TOKEN_SRCADDR },
  5893. { CMD_TOKEN_STR_DSTADDR, CMD_TOKEN_DSTADDR },
  5894. { CMD_TOKEN_STR_PROTO, CMD_TOKEN_PROTO },
  5895. { CMD_TOKEN_STR_SRCPORT, CMD_TOKEN_SRCPORT },
  5896. { CMD_TOKEN_STR_DSTPORT, CMD_TOKEN_DSTPORT },
  5897. { CMD_TOKEN_STR_MIRROR, CMD_TOKEN_MIRROR },
  5898. { CMD_TOKEN_STR_CONNTYPE, CMD_TOKEN_CONNTYPE },
  5899. { CMD_TOKEN_STR_SRCMASK, CMD_TOKEN_SRCMASK },
  5900. { CMD_TOKEN_STR_DSTMASK, CMD_TOKEN_DSTMASK },
  5901. { CMD_TOKEN_STR_TUNNELDST, CMD_TOKEN_TUNNELDST }
  5902. };
  5903. PARSER_PKT parser;
  5904. ZeroMemory(&parser, sizeof(parser));
  5906. SrcAddr.uIpAddr = 0x0;
  5907. SrcAddr.AddrType = IP_ADDR_UNIQUE;
  5908. SrcAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5910. DesAddr.uIpAddr = 0x0;
  5911. DesAddr.AddrType = IP_ADDR_UNIQUE;
  5912. DesAddr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5914. SrcTunnel.uIpAddr = 0x0;
  5915. SrcTunnel.AddrType = IP_ADDR_UNIQUE;
  5916. SrcTunnel.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5918. DstTunnel.uIpAddr = 0x0;
  5919. DstTunnel.AddrType = IP_ADDR_UNIQUE;
  5920. DstTunnel.uSubNetMask = IP_ADDRESS_MASK_NONE;
  5922. //
  5923. // Bail out as user has not given sufficient arguments.
  5924. //
  5925. if(dwArgCount <= 3)
  5926. {
  5927. PrintMessageFromModule(g_hModule, ERR_INVALID_NUM_ARGS, 3);
  5928. BAIL_OUT;
  5929. }
  5930. parser.ValidTok = vtokDynamicDeleteRule;
  5931. parser.MaxTok = SIZEOF_TOKEN_VALUE(vtokDynamicDeleteRule);
  5933. parser.ValidCmd = vcmdDynamicDeleteRule;
  5934. parser.MaxCmd = SIZEOF_TAG_TYPE(vcmdDynamicDeleteRule);
  5936. //
  5937. // Get the user input after parsing the data
  5938. //
  5939. dwReturn = Parser(pwszMachine,ppwcArguments,dwCurrentIndex,dwArgCount,&parser);
  5941. if(dwReturn != ERROR_SUCCESS)
  5942. {
  5943. if(dwReturn == RETURN_NO_ERROR)
  5944. {
  5945. dwReturn = ERROR_NO_DISPLAY;
  5946. BAIL_OUT;
  5947. }
  5948. else
  5949. {
  5950. dwReturn = ERROR_SHOW_USAGE;
  5951. BAIL_OUT;
  5952. }
  5953. }
  5954. //
  5955. // Check for user given tokens from the parser and copy into local variables
  5956. //
  5957. for(dwCount=0;dwCount<parser.MaxTok;dwCount++)
  5958. {
  5959. switch(vtokDynamicDeleteRule[parser.Cmd[dwCount].dwCmdToken].dwValue)
  5960. {
  5961. case CMD_TOKEN_MIRROR :
  5962. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5963. {
  5964. bMirror = *(BOOL *)parser.Cmd[dwCount].pArg;
  5965. }
  5966. break;
  5967. case CMD_TOKEN_CONNTYPE :
  5968. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  5969. {
  5970. switch(*(DWORD *)parser.Cmd[dwCount].pArg)
  5971. {
  5972. case INTERFACE_TYPE_ALL:
  5973. InterfaceType = INTERFACE_TYPE_ALL;
  5974. break;
  5975. case INTERFACE_TYPE_LAN:
  5976. InterfaceType = INTERFACE_TYPE_LAN;
  5977. break;
  5978. case INTERFACE_TYPE_DIALUP:
  5979. InterfaceType = INTERFACE_TYPE_DIALUP;
  5980. break;
  5981. }
  5982. }
  5983. break;
  5984. case CMD_TOKEN_DSTADDR :
  5985. if (parser.Cmd[dwCount].dwStatus)
  5986. {
  5987. //
  5988. // special servers id is available in dwStatus
  5989. //
  5990. switch(parser.Cmd[dwCount].dwStatus)
  5991. {
  5992. case SERVER_WINS:
  5993. case SERVER_DHCP:
  5994. case SERVER_DNS:
  5995. case SERVER_GATEWAY:
  5996. case IP_ME:
  5997. case IP_ANY:
  5998. dwDstSplServer = parser.Cmd[dwCount].dwStatus;
  5999. break;
  6000. case NOT_SPLSERVER:
  6001. //
  6002. // if it is not special server get the user given IP address
  6003. //
  6004. DesAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  6005. break;
  6006. default:
  6007. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  6008. dwReturn = ERROR_NO_DISPLAY;
  6009. BAIL_OUT;
  6010. break;
  6011. }
  6012. }
  6013. break;
  6014. case CMD_TOKEN_SRCADDR :
  6015. if (parser.Cmd[dwCount].dwStatus)
  6016. {
  6017. //
  6018. // Special servers id is available in dwStatus
  6019. //
  6020. switch(parser.Cmd[dwCount].dwStatus)
  6021. {
  6022. case SERVER_WINS:
  6023. case SERVER_DHCP:
  6024. case SERVER_DNS:
  6025. case SERVER_GATEWAY:
  6026. case IP_ME:
  6027. case IP_ANY:
  6028. dwSrcSplServer = parser.Cmd[dwCount].dwStatus;
  6029. break;
  6030. case NOT_SPLSERVER:
  6031. //
  6032. // if it is not special server get the user given IP address
  6033. //
  6034. SrcAddr.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  6035. break;
  6036. default:
  6037. PrintMessageFromModule(g_hModule, ERROR_PARSER_ADDR);
  6038. dwReturn = ERROR_NO_DISPLAY;
  6039. BAIL_OUT;
  6040. break;
  6041. }
  6042. }
  6043. break;
  6044. case CMD_TOKEN_DSTMASK :
  6045. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  6046. {
  6047. DesAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  6048. bDstMask = TRUE;
  6049. }
  6050. break;
  6051. case CMD_TOKEN_SRCMASK :
  6052. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  6053. {
  6054. SrcAddr.uSubNetMask = *(IPAddr *)parser.Cmd[dwCount].pArg;
  6055. bSrcMask = TRUE;
  6056. }
  6057. break;
  6058. case CMD_TOKEN_SRCPORT :
  6059. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  6060. {
  6061. dwSrcPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  6062. }
  6063. break;
  6064. case CMD_TOKEN_DSTPORT :
  6065. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  6066. {
  6067. dwDstPort = *(DWORD *)parser.Cmd[dwCount].pArg;
  6068. }
  6069. break;
  6070. case CMD_TOKEN_PROTO :
  6071. if (parser.Cmd[dwCount].dwStatus == VALID_TOKEN)
  6072. {
  6073. dwProtocol = *(DWORD *)parser.Cmd[dwCount].pArg;
  6074. }
  6075. break;
  6076. case CMD_TOKEN_TUNNELDST :
  6077. if (parser.Cmd[dwCount].dwStatus)
  6078. {
  6079. //
  6080. // Special servers id is available in dwStatus
  6081. //
  6082. switch(parser.Cmd[dwCount].dwStatus)
  6083. {
  6084. case NOT_SPLSERVER:
  6085. //
  6086. // if it is not special server get the user given IP address
  6087. //
  6088. DstTunnel.uIpAddr = *(IPAddr *)parser.Cmd[dwCount].pArg;
  6089. bTunnel = TRUE;
  6090. ADDR addr;
  6091. addr.uIpAddr = htonl(DstTunnel.uIpAddr);
  6092. addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6094. if (!IsValidTunnelEndpointAddress(&addr))
  6095. {
  6096. dwReturn = ERROR_INVALID_PARAMETER;
  6097. BAIL_OUT;
  6098. }
  6099. break;
  6100. case SERVER_WINS:
  6101. case SERVER_DHCP:
  6102. case SERVER_DNS:
  6103. case SERVER_GATEWAY:
  6104. case IP_ME:
  6105. case IP_ANY:
  6106. default:
  6107. PrintMessageFromModule(g_hModule, ADD_STATIC_RULE_INVALID_TUNNEL);
  6108. dwReturn = ERROR_NO_DISPLAY;
  6109. BAIL_OUT;
  6110. break;
  6111. }
  6112. }
  6113. break;
  6114. default :
  6115. break;
  6116. }
  6117. }
  6119. if((dwSrcSplServer != NOT_SPLSERVER) && (dwDstSplServer != NOT_SPLSERVER)
  6120. && (dwSrcSplServer != IP_ME) && (dwSrcSplServer != IP_ANY)
  6121. && (dwDstSplServer != IP_ME) && (dwDstSplServer != IP_ANY))
  6122. {
  6123. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_PARSER_ADDRTYPE);
  6124. dwReturn = ERROR_NO_DISPLAY;
  6125. BAIL_OUT;
  6126. }
  6128. //
  6129. // Source address setting up
  6130. //
  6131. if(dwSrcSplServer == NOT_SPLSERVER)
  6132. {
  6133. SrcAddr.AddrType = (SrcAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  6134. }
  6135. else
  6136. {
  6137. AddSplAddr(SrcAddr, dwSrcSplServer);
  6138. }
  6140. //
  6141. // Destination address setting up
  6142. //
  6143. if(dwDstSplServer == NOT_SPLSERVER)
  6144. {
  6145. DesAddr.AddrType = (DesAddr.uSubNetMask == IP_ADDRESS_MASK_NONE) ? IP_ADDR_UNIQUE : IP_ADDR_SUBNET;
  6146. }
  6147. else
  6148. {
  6149. AddSplAddr(DesAddr, dwDstSplServer);
  6150. }
  6152. if(!bTunnel)
  6153. {
  6154. //
  6155. // Check if the given Transport filter spec exists
  6156. //
  6157. if(FindAndGetTransportRule(SrcAddr, DesAddr, bMirror, InterfaceType, dwProtocol, dwSrcPort, dwDstPort,
  6158. bSrcMask, bDstMask, &pTransportFltr, dwReturn))
  6159. {
  6160. dwReturn = DeleteTransportRule(*(pTransportFltr));
  6162. BAIL_ON_WIN32_ERROR(dwReturn);
  6163. dwReturn = DeleteIfLastRuleOfMMFilter(
  6164. SrcAddr,
  6165. DesAddr,
  6166. bMirror,
  6167. InterfaceType,
  6168. bSrcMask,
  6169. bDstMask,
  6170. dwReturn
  6171. );
  6172. }
  6173. else
  6174. {
  6175. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_TRANSPORT);
  6176. dwReturn = ERROR_SUCCESS;
  6177. BAIL_OUT;
  6178. }
  6180. }
  6181. //
  6182. // Check if the given Tunnel filter spec exists
  6183. //
  6184. else
  6185. {
  6186. AddSplAddr(SrcTunnel, IP_ANY);
  6188. if(FindAndGetTunnelRule(SrcAddr, DesAddr, bMirror, InterfaceType, dwProtocol, dwSrcPort, dwDstPort,
  6189. bSrcMask, bDstMask, SrcTunnel, DstTunnel, &pTunnelFltr, dwReturn))
  6190. {
  6191. dwReturn = DeleteTunnelRule(*(pTunnelFltr));
  6192. BAIL_ON_WIN32_ERROR(dwReturn);
  6194. AddSplAddr(SrcTunnel, IP_ME);
  6195. dwReturn = DeleteIfLastRuleOfMMFilter(
  6196. SrcTunnel,
  6197. DstTunnel,
  6198. TRUE,
  6199. InterfaceType,
  6200. FALSE, // bSrcMask
  6201. FALSE, // bDstMask
  6202. dwReturn
  6203. );
  6204. }
  6205. else
  6206. {
  6207. PrintErrorMessage(IPSEC_ERR,0,ERRCODE_DELETE_RULE_NO_TUNNEL);
  6208. dwReturn = ERROR_SUCCESS;
  6209. BAIL_OUT;
  6210. }
  6211. }
  6214. error:
  6215. if(dwArgCount > 3)
  6216. {
  6217. CleanUp();
  6218. }
  6220. if(pTransportFltr)
  6221. {
  6222. if(pTransportFltr->pszFilterName)
  6223. delete [] pTransportFltr->pszFilterName;
  6224. delete pTransportFltr;
  6225. }
  6226. if(pTunnelFltr)
  6227. {
  6228. if(pTunnelFltr->pszFilterName)
  6229. delete [] pTunnelFltr->pszFilterName;
  6230. delete pTunnelFltr;
  6231. }
  6232. if((dwReturn != ERROR_SUCCESS) && (dwReturn != ERROR_SHOW_USAGE)&&(dwReturn != ERROR_NO_DISPLAY))
  6233. {
  6234. //api errors
  6235. PrintErrorMessage(WIN32_ERR, dwReturn, NULL);
  6236. dwReturn = ERROR_SUCCESS;
  6237. }
  6238. //already one error displayed.
  6239. if(dwReturn == ERROR_NO_DISPLAY)
  6240. {
  6241. dwReturn = ERROR_SUCCESS;
  6242. }
  6244. return dwReturn;
  6245. }
  6247. ///////////////////////////////////////////////////////////////////////////////////////////
  6248. //
  6249. // Function : AddSplAddr
  6250. //
  6251. // Date of Creation: 11-23-2001
  6252. //
  6253. // Parameters :
  6254. // IN OUT ADDR& Addr,
  6255. // IN DWORD dwSplServer
  6256. // Return : VOID
  6257. //
  6258. // Description : Adds a special server addr.
  6259. //
  6260. // Revision History:
  6261. //
  6262. // Date Author Comments
  6263. //
  6264. //////////////////////////////////////////////////////////////////////////////////////////
  6266. VOID
  6267. AddSplAddr(
  6268. IN OUT ADDR& Addr,
  6269. IN DWORD dwSplServer
  6270. )
  6271. {
  6272. //
  6273. // Fill up addr type, mask and uIpaddr for special servers
  6274. //
  6275. switch(dwSplServer)
  6276. {
  6277. case SERVER_WINS:
  6278. Addr.AddrType = IP_ADDR_WINS_SERVER;
  6279. Addr.uIpAddr = IP_ADDRESS_ME;
  6280. Addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6281. break;
  6282. case SERVER_DHCP:
  6283. Addr.AddrType = IP_ADDR_DHCP_SERVER;
  6284. Addr.uIpAddr = IP_ADDRESS_ME;
  6285. Addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6286. break;
  6287. case SERVER_DNS:
  6288. Addr.AddrType = IP_ADDR_DNS_SERVER;
  6289. Addr.uIpAddr = IP_ADDRESS_ME;
  6290. Addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6291. break;
  6292. case SERVER_GATEWAY:
  6293. Addr.AddrType = IP_ADDR_DEFAULT_GATEWAY;
  6294. Addr.uIpAddr = IP_ADDRESS_ME;
  6295. Addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6296. break;
  6297. case IP_ME:
  6298. Addr.AddrType = IP_ADDR_UNIQUE;
  6299. Addr.uIpAddr = IP_ADDRESS_ME;
  6300. Addr.uSubNetMask = IP_ADDRESS_MASK_NONE;
  6301. break;
  6302. case IP_ANY:
  6303. Addr.AddrType = IP_ADDR_SUBNET;
  6304. Addr.uIpAddr = SUBNET_ADDRESS_ANY;
  6305. Addr.uSubNetMask = SUBNET_MASK_ANY;
  6306. break;
  6307. default:
  6308. break;
  6310. }
  6311. }