archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ipsec/polstore/import.c

397 lines
9.6 KiB
Raw Normal View History

commiting as it is
4 years ago
  3. #include "precomp.h"
  6. DWORD
  7. ImportPoliciesFromFile(
  8. HANDLE hSrcPolicyStore,
  9. HANDLE hDesPolicyStore
  10. )
  11. {
  12. DWORD dwError = 0;
  13. PIPSEC_POLICY_STORE pSrcPolicyStore = NULL;
  14. PIPSEC_POLICY_DATA * ppIpsecPolicyData = NULL;
  15. DWORD dwNumPolicyObjects = 0;
  16. PIPSEC_POLICY_STORE pDesPolicyStore = NULL;
  19. pSrcPolicyStore = (PIPSEC_POLICY_STORE) hSrcPolicyStore;
  21. dwError = EnablePrivilege(
  22. SE_RESTORE_NAME
  23. );
  24. BAIL_ON_WIN32_ERROR(dwError);
  26. dwError = RegRestoreKeyW(
  27. pSrcPolicyStore->hRegistryKey,
  28. pSrcPolicyStore->pszFileName,
  29. 0
  30. );
  31. BAIL_ON_WIN32_ERROR(dwError);
  33. dwError = DeleteDuplicatePolicyDataBeforeImport(
  34. pSrcPolicyStore,
  35. hDesPolicyStore
  36. );
  37. BAIL_ON_WIN32_ERROR(dwError);
  39. dwError = ImportFilterDataFromFile(
  40. pSrcPolicyStore,
  41. hDesPolicyStore
  42. );
  44. dwError = ImportNegPolDataFromFile(
  45. pSrcPolicyStore,
  46. hDesPolicyStore
  47. );
  49. dwError = ImportISAKMPDataFromFile(
  50. pSrcPolicyStore,
  51. hDesPolicyStore
  52. );
  53. BAIL_ON_WIN32_ERROR(dwError);
  55. dwError = ImportPolicyDataFromFile(
  56. pSrcPolicyStore,
  57. hDesPolicyStore,
  58. &ppIpsecPolicyData,
  59. &dwNumPolicyObjects
  60. );
  61. BAIL_ON_WIN32_ERROR(dwError);
  63. dwError = ImportNFADataFromFile(
  64. pSrcPolicyStore,
  65. hDesPolicyStore,
  66. ppIpsecPolicyData,
  67. dwNumPolicyObjects
  68. );
  69. BAIL_ON_WIN32_ERROR(dwError);
  71. pDesPolicyStore = (PIPSEC_POLICY_STORE) hDesPolicyStore;
  73. if (pDesPolicyStore->dwProvider == IPSEC_REGISTRY_PROVIDER) {
  74. (VOID) RegPingPASvcForActivePolicy(
  75. pDesPolicyStore->hRegistryKey,
  76. pDesPolicyStore->pszIpsecRootContainer,
  77. pDesPolicyStore->pszLocationName
  78. );
  79. }
  81. error:
  83. if (ppIpsecPolicyData) {
  84. FreeMulIpsecPolicyData(
  85. ppIpsecPolicyData,
  86. dwNumPolicyObjects
  87. );
  88. }
  90. FlushRegSaveKey(
  91. pSrcPolicyStore->hRegistryKey
  92. );
  94. return (dwError);
  95. }
  98. DWORD
  99. DeleteDuplicatePolicyDataBeforeImport(
  100. PIPSEC_POLICY_STORE pSrcPolicyStore,
  101. HANDLE hDesPolicyStore
  102. )
  103. {
  104. DWORD dwError = 0;
  105. PIPSEC_POLICY_DATA * ppIpsecPolicyData = NULL;
  106. PIPSEC_POLICY_DATA pIpsecPolicyData = NULL;
  107. DWORD dwNumPolicyObjects = 0;
  108. DWORD i = 0;
  111. dwError = RegEnumPolicyData(
  112. pSrcPolicyStore->hRegistryKey,
  113. pSrcPolicyStore->pszIpsecRootContainer,
  114. &ppIpsecPolicyData,
  115. &dwNumPolicyObjects
  116. );
  118. for (i = 0; i < dwNumPolicyObjects; i++) {
  120. pIpsecPolicyData = * (ppIpsecPolicyData + i);
  122. dwError = VerifyPolicyDataExistence(
  123. hDesPolicyStore,
  124. pIpsecPolicyData->PolicyIdentifier
  125. );
  127. if (!dwError) {
  128. dwError = IPSecDeletePolicy(
  129. hDesPolicyStore,
  130. pIpsecPolicyData
  131. );
  132. }
  134. }
  136. if (ppIpsecPolicyData) {
  137. FreeMulIpsecPolicyData(
  138. ppIpsecPolicyData,
  139. dwNumPolicyObjects
  140. );
  141. }
  143. dwError = ERROR_SUCCESS;
  145. return (dwError);
  146. }
  149. DWORD
  150. IPSecDeletePolicy(
  151. HANDLE hPolicyStore,
  152. PIPSEC_POLICY_DATA pIpsecPolicyData
  153. )
  154. {
  155. DWORD dwError = 0;
  156. PIPSEC_POLICY_STORE pPolicyStore = NULL;
  159. pPolicyStore = (PIPSEC_POLICY_STORE) hPolicyStore;
  161. switch (pPolicyStore->dwProvider) {
  163. case IPSEC_REGISTRY_PROVIDER:
  165. dwError = RegDeletePolicy(
  166. pPolicyStore->hRegistryKey,
  167. pPolicyStore->pszIpsecRootContainer,
  168. pPolicyStore->pszLocationName,
  169. pIpsecPolicyData->PolicyIdentifier
  170. );
  171. BAIL_ON_WIN32_ERROR (dwError);
  172. break;
  174. case IPSEC_DIRECTORY_PROVIDER:
  176. dwError = DirDeletePolicyBeforeImport(
  177. pPolicyStore->hLdapBindHandle,
  178. pPolicyStore->pszIpsecRootContainer,
  179. pIpsecPolicyData->PolicyIdentifier
  180. );
  181. BAIL_ON_WIN32_ERROR (dwError);
  182. break;
  184. }
  186. error:
  188. return (dwError);
  189. }
  192. DWORD
  193. RegDeletePolicy(
  194. HKEY hRegistryKey,
  195. LPWSTR pszIpsecRootContainer,
  196. LPWSTR pszLocationName,
  197. GUID PolicyGUID
  198. )
  199. {
  200. DWORD dwError = 0;
  201. PIPSEC_POLICY_DATA pIpsecPolicyData = NULL;
  202. PIPSEC_NFA_DATA * ppIpsecNFAData = NULL;
  203. DWORD dwNumNFAObjects = 0;
  204. DWORD i = 0;
  205. PIPSEC_NFA_DATA pIpsecNFAData = NULL;
  208. dwError = RegGetPolicyData(
  209. hRegistryKey,
  210. pszIpsecRootContainer,
  211. PolicyGUID,
  212. &pIpsecPolicyData
  213. );
  214. BAIL_ON_WIN32_ERROR(dwError);
  216. dwError = RegEnumNFAData(
  217. hRegistryKey,
  218. pszIpsecRootContainer,
  219. PolicyGUID,
  220. &ppIpsecNFAData,
  221. &dwNumNFAObjects
  222. );
  224. for (i = 0; i < dwNumNFAObjects; i++) {
  226. pIpsecNFAData = *(ppIpsecNFAData + i);
  228. dwError = RegDeleteNFAData(
  229. hRegistryKey,
  230. pszIpsecRootContainer,
  231. PolicyGUID,
  232. pszLocationName,
  233. pIpsecNFAData
  234. );
  236. dwError = RegDeleteDynamicDefaultNegPolData(
  237. hRegistryKey,
  238. pszIpsecRootContainer,
  239. pszLocationName,
  240. pIpsecNFAData->NegPolIdentifier
  241. );
  243. }
  245. dwError = RegDeletePolicyData(
  246. hRegistryKey,
  247. pszIpsecRootContainer,
  248. pIpsecPolicyData
  249. );
  250. BAIL_ON_WIN32_ERROR(dwError);
  252. dwError = RegDeleteISAKMPData(
  253. hRegistryKey,
  254. pszIpsecRootContainer,
  255. pIpsecPolicyData->ISAKMPIdentifier
  256. );
  257. BAIL_ON_WIN32_ERROR(dwError);
  259. error:
  261. if (ppIpsecNFAData) {
  262. FreeMulIpsecNFAData(
  263. ppIpsecNFAData,
  264. dwNumNFAObjects
  265. );
  266. }
  268. if (pIpsecPolicyData) {
  269. FreeIpsecPolicyData(
  270. pIpsecPolicyData
  271. );
  272. }
  274. return (dwError);
  275. }
  278. DWORD
  279. DirDeletePolicyBeforeImport(
  280. HLDAP hLdapBindHandle,
  281. LPWSTR pszIpsecRootContainer,
  282. GUID PolicyIdentifier
  283. )
  284. {
  285. DWORD dwError = 0;
  286. PIPSEC_NFA_DATA * ppIpsecNFAData = NULL;
  287. PIPSEC_NFA_DATA pIpsecNFAData = NULL;
  288. PIPSEC_POLICY_DATA pIpsecPolicyData = NULL;
  289. DWORD dwNumNFAObjects = 0;
  290. DWORD i = 0;
  293. dwError = DirGetPolicyData(
  294. hLdapBindHandle,
  295. pszIpsecRootContainer,
  296. PolicyIdentifier,
  297. &pIpsecPolicyData
  298. );
  299. BAIL_ON_WIN32_ERROR (dwError);
  301. dwError = DirEnumNFAData(
  302. hLdapBindHandle,
  303. pszIpsecRootContainer,
  304. PolicyIdentifier,
  305. &ppIpsecNFAData,
  306. &dwNumNFAObjects
  307. );
  309. for (i = 0; i < dwNumNFAObjects; i++) {
  311. pIpsecNFAData = *(ppIpsecNFAData + i);
  313. dwError = DirDeleteNFAData(
  314. hLdapBindHandle,
  315. pszIpsecRootContainer,
  316. PolicyIdentifier,
  317. pIpsecNFAData
  318. );
  320. dwError = DirDeleteDynamicDefaultNegPolData(
  321. hLdapBindHandle,
  322. pszIpsecRootContainer,
  323. pIpsecNFAData->NegPolIdentifier
  324. );
  326. }
  328. dwError = DirDeleteISAKMPData(
  329. hLdapBindHandle,
  330. pszIpsecRootContainer,
  331. pIpsecPolicyData->ISAKMPIdentifier
  332. );
  333. BAIL_ON_WIN32_ERROR (dwError);
  335. error:
  337. if (ppIpsecNFAData) {
  338. FreeMulIpsecNFAData(
  339. ppIpsecNFAData,
  340. dwNumNFAObjects
  341. );
  342. }
  344. if (pIpsecPolicyData) {
  345. FreeIpsecPolicyData(
  346. pIpsecPolicyData
  347. );
  348. }
  350. return (dwError);
  351. }
  354. DWORD
  355. DirDeleteDynamicDefaultNegPolData(
  356. HLDAP hLdapBindHandle,
  357. LPWSTR pszIpsecRootContainer,
  358. GUID NegPolGUID
  359. )
  360. {
  361. DWORD dwError = 0;
  362. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  365. dwError = DirGetNegPolData(
  366. hLdapBindHandle,
  367. pszIpsecRootContainer,
  368. NegPolGUID,
  369. &pIpsecNegPolData
  370. );
  371. BAIL_ON_WIN32_ERROR(dwError);
  373. if (!memcmp(
  374. &(pIpsecNegPolData->NegPolType),
  375. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  376. sizeof(GUID))) {
  378. dwError = DirDeleteNegPolData(
  379. hLdapBindHandle,
  380. pszIpsecRootContainer,
  381. NegPolGUID
  382. );
  383. BAIL_ON_WIN32_ERROR(dwError);
  385. }
  387. error:
  389. if (pIpsecNegPolData) {
  390. FreeIpsecNegPolData(
  391. pIpsecNegPolData
  392. );
  393. }
  395. return (dwError);
  396. }