Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

956 lines
26 KiB

#include "precomp.h"
DWORD
RegRestoreDefaults(
HANDLE hPolicyStore,
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
LPWSTR pszLocationName
)
{
DWORD dwError = 0;
LPWSTR * ppszIpsecAllFilterNFAReferences = NULL;
DWORD dwNumAllFilterNFAReferences = 0;
LPWSTR * ppszIpsecAllICMPFilterNFAReferences = NULL;
DWORD dwNumAllICMPFilterNFAReferences = 0;
LPWSTR * ppszIpsecPermitNegPolNFAReferences = NULL;
DWORD dwNumPermitNegPolNFAReferences = 0;
LPWSTR * ppszIpsecSecIniNegPolNFAReferences = NULL;
DWORD dwNumSecIniNegPolNFAReferences = 0;
LPWSTR * ppszIpsecLockdownNegPolNFAReferences = NULL;
DWORD dwNumLockdownNegPolNFAReferences = 0;
LPWSTR * ppszIpsecLockdownISAKMPPolicyReferences = NULL;
DWORD dwNumLockdownISAKMPPolicyReferences = 0;
LPWSTR * ppszIpsecSecIniISAKMPPolicyReferences = NULL;
DWORD dwNumSecIniISAKMPPolicyReferences = 0;
LPWSTR * ppszIpsecResponderISAKMPPolicyReferences = NULL;
DWORD dwNumResponderISAKMPPolicyReferences = 0;
LPWSTR * ppszIpsecDefaultISAKMPPolicyReferences = NULL;
DWORD dwNumDefaultISAKMPPolicyReferences = 0;
static const GUID GUID_ALL_FILTER=
{ 0x7238523a, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_ALL_ICMP_FILTER =
{ 0x72385235, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_PERMIT_NEGPOL =
{ 0x7238523b, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_SECURE_INITIATOR_NEGPOL =
{ 0x72385233, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_LOCKDOWN_NEGPOL =
{ 0x7238523f, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_RESPONDER_ISAKMP =
{ 0x72385237, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_SECURE_INITIATOR_ISAKMP =
{ 0x72385231, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_LOCKDOWN_ISAKMP =
{ 0x7238523d, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_DEFAULT_ISAKMP=
{ 0x72385234, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
dwError = RegRemoveDefaults(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName
);
dwError = RegDeleteDefaultFilterData(
hRegistryKey,
pszIpsecRootContainer,
GUID_ALL_FILTER,
&ppszIpsecAllFilterNFAReferences,
&dwNumAllFilterNFAReferences
);
dwError = RegDeleteDefaultFilterData(
hRegistryKey,
pszIpsecRootContainer,
GUID_ALL_ICMP_FILTER,
&ppszIpsecAllICMPFilterNFAReferences,
&dwNumAllICMPFilterNFAReferences
);
dwError = RegDeleteDefaultNegPolData(
hRegistryKey,
pszIpsecRootContainer,
GUID_PERMIT_NEGPOL,
&ppszIpsecPermitNegPolNFAReferences,
&dwNumPermitNegPolNFAReferences
);
dwError = RegDeleteDefaultNegPolData(
hRegistryKey,
pszIpsecRootContainer,
GUID_SECURE_INITIATOR_NEGPOL,
&ppszIpsecSecIniNegPolNFAReferences,
&dwNumSecIniNegPolNFAReferences
);
dwError = RegDeleteDefaultNegPolData(
hRegistryKey,
pszIpsecRootContainer,
GUID_LOCKDOWN_NEGPOL,
&ppszIpsecLockdownNegPolNFAReferences,
&dwNumLockdownNegPolNFAReferences
);
dwError = RegDeleteDefaultISAKMPData(
hRegistryKey,
pszIpsecRootContainer,
GUID_LOCKDOWN_ISAKMP,
&ppszIpsecLockdownISAKMPPolicyReferences,
&dwNumLockdownISAKMPPolicyReferences
);
dwError = RegDeleteDefaultISAKMPData(
hRegistryKey,
pszIpsecRootContainer,
GUID_SECURE_INITIATOR_ISAKMP,
&ppszIpsecSecIniISAKMPPolicyReferences,
&dwNumSecIniISAKMPPolicyReferences
);
dwError = RegDeleteDefaultISAKMPData(
hRegistryKey,
pszIpsecRootContainer,
GUID_RESPONDER_ISAKMP,
&ppszIpsecResponderISAKMPPolicyReferences,
&dwNumResponderISAKMPPolicyReferences
);
dwError = RegDeleteDefaultISAKMPData(
hRegistryKey,
pszIpsecRootContainer,
GUID_DEFAULT_ISAKMP,
&ppszIpsecDefaultISAKMPPolicyReferences,
&dwNumDefaultISAKMPPolicyReferences
);
dwError = GenerateDefaultInformation(
hPolicyStore
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegUpdateFilterOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_ALL_FILTER,
ppszIpsecAllFilterNFAReferences,
dwNumAllFilterNFAReferences
);
dwError = RegUpdateFilterOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_ALL_ICMP_FILTER,
ppszIpsecAllICMPFilterNFAReferences,
dwNumAllICMPFilterNFAReferences
);
dwError = RegUpdateNegPolOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_LOCKDOWN_NEGPOL,
ppszIpsecLockdownNegPolNFAReferences,
dwNumLockdownNegPolNFAReferences
);
dwError = RegUpdateNegPolOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_SECURE_INITIATOR_NEGPOL,
ppszIpsecSecIniNegPolNFAReferences,
dwNumSecIniNegPolNFAReferences
);
dwError = RegUpdateNegPolOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_PERMIT_NEGPOL,
ppszIpsecPermitNegPolNFAReferences,
dwNumPermitNegPolNFAReferences
);
dwError = RegUpdateISAKMPOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_LOCKDOWN_ISAKMP,
ppszIpsecLockdownISAKMPPolicyReferences,
dwNumLockdownISAKMPPolicyReferences
);
dwError = RegUpdateISAKMPOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_SECURE_INITIATOR_ISAKMP,
ppszIpsecSecIniISAKMPPolicyReferences,
dwNumSecIniISAKMPPolicyReferences
);
dwError = RegUpdateISAKMPOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_RESPONDER_ISAKMP,
ppszIpsecResponderISAKMPPolicyReferences,
dwNumResponderISAKMPPolicyReferences
);
dwError = RegUpdateISAKMPOwnersReference(
hRegistryKey,
pszIpsecRootContainer,
GUID_DEFAULT_ISAKMP,
ppszIpsecDefaultISAKMPPolicyReferences,
dwNumDefaultISAKMPPolicyReferences
);
(VOID) RegPingPASvcForActivePolicy(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName
);
error:
if (ppszIpsecAllFilterNFAReferences) {
FreeNFAReferences(
ppszIpsecAllFilterNFAReferences,
dwNumAllFilterNFAReferences
);
}
if (ppszIpsecAllICMPFilterNFAReferences) {
FreeNFAReferences(
ppszIpsecAllICMPFilterNFAReferences,
dwNumAllICMPFilterNFAReferences
);
}
if (ppszIpsecPermitNegPolNFAReferences) {
FreeNFAReferences(
ppszIpsecPermitNegPolNFAReferences,
dwNumPermitNegPolNFAReferences
);
}
if (ppszIpsecSecIniNegPolNFAReferences) {
FreeNFAReferences(
ppszIpsecSecIniNegPolNFAReferences,
dwNumSecIniNegPolNFAReferences
);
}
if (ppszIpsecLockdownNegPolNFAReferences) {
FreeNFAReferences(
ppszIpsecLockdownNegPolNFAReferences,
dwNumLockdownNegPolNFAReferences
);
}
if (ppszIpsecResponderISAKMPPolicyReferences) {
FreeNFAReferences(
ppszIpsecResponderISAKMPPolicyReferences,
dwNumResponderISAKMPPolicyReferences
);
}
if (ppszIpsecSecIniISAKMPPolicyReferences) {
FreeNFAReferences(
ppszIpsecSecIniISAKMPPolicyReferences,
dwNumSecIniISAKMPPolicyReferences
);
}
if (ppszIpsecLockdownISAKMPPolicyReferences) {
FreeNFAReferences(
ppszIpsecLockdownISAKMPPolicyReferences,
dwNumLockdownISAKMPPolicyReferences
);
}
if (ppszIpsecDefaultISAKMPPolicyReferences) {
FreeNFAReferences(
ppszIpsecDefaultISAKMPPolicyReferences,
dwNumDefaultISAKMPPolicyReferences
);
}
return (dwError);
}
DWORD
RegRemoveDefaults(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
LPWSTR pszLocationName
)
{
DWORD dwError = 0;
static const GUID GUID_RESPONDER_POLICY =
{ 0x72385236, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_SECURE_INITIATOR_POLICY =
{ 0x72385230, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
static const GUID GUID_LOCKDOWN_POLICY =
{ 0x7238523c, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
dwError = RegDeleteDefaultPolicyData(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName,
GUID_LOCKDOWN_POLICY
);
dwError = RegDeleteDefaultPolicyData(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName,
GUID_SECURE_INITIATOR_POLICY
);
dwError = RegDeleteDefaultPolicyData(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName,
GUID_RESPONDER_POLICY
);
dwError = ERROR_SUCCESS;
return (dwError);
}
DWORD
RegDeleteDefaultPolicyData(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
LPWSTR pszLocationName,
GUID PolicyGUID
)
{
DWORD dwError = 0;
PIPSEC_POLICY_DATA pIpsecPolicyData = NULL;
PIPSEC_NFA_DATA * ppIpsecNFAData = NULL;
DWORD dwNumNFAObjects = 0;
DWORD i = 0;
PIPSEC_NFA_DATA pIpsecNFAData = NULL;
dwError = RegGetPolicyData(
hRegistryKey,
pszIpsecRootContainer,
PolicyGUID,
&pIpsecPolicyData
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegEnumNFAData(
hRegistryKey,
pszIpsecRootContainer,
PolicyGUID,
&ppIpsecNFAData,
&dwNumNFAObjects
);
for (i = 0; i < dwNumNFAObjects; i++) {
pIpsecNFAData = *(ppIpsecNFAData + i);
dwError = RegDeleteNFAData(
hRegistryKey,
pszIpsecRootContainer,
PolicyGUID,
pszLocationName,
pIpsecNFAData
);
dwError = RegDeleteDynamicDefaultNegPolData(
hRegistryKey,
pszIpsecRootContainer,
pszLocationName,
pIpsecNFAData->NegPolIdentifier
);
}
dwError = RegDeletePolicyData(
hRegistryKey,
pszIpsecRootContainer,
pIpsecPolicyData
);
BAIL_ON_WIN32_ERROR(dwError);
error:
if (ppIpsecNFAData) {
FreeMulIpsecNFAData(
ppIpsecNFAData,
dwNumNFAObjects
);
}
if (pIpsecPolicyData) {
FreeIpsecPolicyData(
pIpsecPolicyData
);
}
return(dwError);
}
DWORD
RegDeleteDynamicDefaultNegPolData(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
LPWSTR pszLocationName,
GUID NegPolGUID
)
{
DWORD dwError = 0;
PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
dwError = RegGetNegPolData(
hRegistryKey,
pszIpsecRootContainer,
NegPolGUID,
&pIpsecNegPolData
);
BAIL_ON_WIN32_ERROR(dwError);
if (!memcmp(
&(pIpsecNegPolData->NegPolType),
&(GUID_NEGOTIATION_TYPE_DEFAULT),
sizeof(GUID))) {
dwError = RegDeleteNegPolData(
hRegistryKey,
pszIpsecRootContainer,
NegPolGUID
);
BAIL_ON_WIN32_ERROR(dwError);
}
error:
if (pIpsecNegPolData) {
FreeIpsecNegPolData(
pIpsecNegPolData
);
}
return(dwError);
}
DWORD
RegDeleteDefaultFilterData(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID FilterIdentifier,
LPWSTR ** pppszIpsecNFAReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
*pppszIpsecNFAReferences = NULL;
*pdwNumReferences = 0;
dwError = RegRemoveOwnersReferenceInFilter(
hRegistryKey,
pszIpsecRootContainer,
FilterIdentifier,
pppszIpsecNFAReferences,
pdwNumReferences
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegDeleteFilterData(
hRegistryKey,
pszIpsecRootContainer,
FilterIdentifier
);
error:
return (dwError);
}
DWORD
RegDeleteDefaultNegPolData(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID NegPolIdentifier,
LPWSTR ** pppszIpsecNFAReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
*pppszIpsecNFAReferences = NULL;
*pdwNumReferences = 0;
dwError = RegRemoveOwnersReferenceInNegPol(
hRegistryKey,
pszIpsecRootContainer,
NegPolIdentifier,
pppszIpsecNFAReferences,
pdwNumReferences
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegDeleteNegPolData(
hRegistryKey,
pszIpsecRootContainer,
NegPolIdentifier
);
error:
return (dwError);
}
DWORD
RegDeleteDefaultISAKMPData(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID ISAKMPIdentifier,
LPWSTR ** pppszIpsecPolicyReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
*pppszIpsecPolicyReferences = NULL;
*pdwNumReferences = 0;
dwError = RegRemoveOwnersReferenceInISAKMP(
hRegistryKey,
pszIpsecRootContainer,
ISAKMPIdentifier,
pppszIpsecPolicyReferences,
pdwNumReferences
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegDeleteISAKMPData(
hRegistryKey,
pszIpsecRootContainer,
ISAKMPIdentifier
);
error:
return (dwError);
}
DWORD
RegRemoveOwnersReferenceInFilter(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID FilterIdentifier,
LPWSTR ** pppszIpsecNFAReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecFilterReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
LPWSTR * ppszIpsecNFAReferences = NULL;
DWORD dwNumReferences = 0;
DWORD i = 0;
LPWSTR pszIpsecNFAReference = NULL;
dwError = ConvertGuidToFilterString(
FilterIdentifier,
pszIpsecRootContainer,
&pszIpsecFilterReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecFilterReference + dwRootPathLen + 1;
dwError = RegGetNFAReferencesForFilter(
hRegistryKey,
pszIpsecRootContainer,
pszRelativeName,
&ppszIpsecNFAReferences,
&dwNumReferences
);
for (i = 0; i < dwNumReferences; i++) {
pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
dwError = RegDeleteNFAReferenceInFilterObject(
hRegistryKey,
pszRelativeName,
pszIpsecNFAReference
);
}
*pppszIpsecNFAReferences = ppszIpsecNFAReferences;
*pdwNumReferences = dwNumReferences;
cleanup:
if (pszIpsecFilterReference) {
FreePolStr(
pszIpsecFilterReference
);
}
return(dwError);
error:
if (ppszIpsecNFAReferences) {
FreeNFAReferences(
ppszIpsecNFAReferences,
dwNumReferences
);
}
*pppszIpsecNFAReferences = NULL;
*pdwNumReferences = 0;
goto cleanup;
}
DWORD
RegRemoveOwnersReferenceInNegPol(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID NegPolIdentifier,
LPWSTR ** pppszIpsecNFAReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecNegPolReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
LPWSTR * ppszIpsecNFAReferences = NULL;
DWORD dwNumReferences = 0;
DWORD i = 0;
LPWSTR pszIpsecNFAReference = NULL;
dwError = ConvertGuidToNegPolString(
NegPolIdentifier,
pszIpsecRootContainer,
&pszIpsecNegPolReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecNegPolReference + dwRootPathLen + 1;
dwError = RegGetNFAReferencesForNegPol(
hRegistryKey,
pszIpsecRootContainer,
pszRelativeName,
&ppszIpsecNFAReferences,
&dwNumReferences
);
for (i = 0; i < dwNumReferences; i++) {
pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
dwError = RegDeleteNFAReferenceInNegPolObject(
hRegistryKey,
pszRelativeName,
pszIpsecNFAReference
);
}
*pppszIpsecNFAReferences = ppszIpsecNFAReferences;
*pdwNumReferences = dwNumReferences;
cleanup:
if (pszIpsecNegPolReference) {
FreePolStr(
pszIpsecNegPolReference
);
}
return(dwError);
error:
if (ppszIpsecNFAReferences) {
FreeNFAReferences(
ppszIpsecNFAReferences,
dwNumReferences
);
}
*pppszIpsecNFAReferences = NULL;
*pdwNumReferences = 0;
goto cleanup;
}
DWORD
RegRemoveOwnersReferenceInISAKMP(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID ISAKMPIdentifier,
LPWSTR ** pppszIpsecPolicyReferences,
PDWORD pdwNumReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecISAKMPReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
LPWSTR * ppszIpsecPolicyReferences = NULL;
DWORD dwNumReferences = 0;
DWORD i = 0;
LPWSTR pszIpsecPolicyReference = NULL;
dwError = ConvertGuidToISAKMPString(
ISAKMPIdentifier,
pszIpsecRootContainer,
&pszIpsecISAKMPReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecISAKMPReference + dwRootPathLen + 1;
dwError = RegGetPolicyReferencesForISAKMP(
hRegistryKey,
pszIpsecRootContainer,
pszRelativeName,
&ppszIpsecPolicyReferences,
&dwNumReferences
);
for (i = 0; i < dwNumReferences; i++) {
pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
dwError = RegRemovePolicyReferenceFromISAKMPObject(
hRegistryKey,
pszRelativeName,
pszIpsecPolicyReference
);
}
*pppszIpsecPolicyReferences = ppszIpsecPolicyReferences;
*pdwNumReferences = dwNumReferences;
cleanup:
if (pszIpsecISAKMPReference) {
FreePolStr(
pszIpsecISAKMPReference
);
}
return(dwError);
error:
if (ppszIpsecPolicyReferences) {
FreeNFAReferences(
ppszIpsecPolicyReferences,
dwNumReferences
);
}
*pppszIpsecPolicyReferences = NULL;
*pdwNumReferences = 0;
goto cleanup;
}
DWORD
RegUpdateFilterOwnersReference(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID FilterIdentifier,
LPWSTR * ppszIpsecNFAReferences,
DWORD dwNumNFAReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecFilterReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
DWORD i = 0;
LPWSTR pszIpsecNFAReference = NULL;
dwError = ConvertGuidToFilterString(
FilterIdentifier,
pszIpsecRootContainer,
&pszIpsecFilterReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecFilterReference + dwRootPathLen + 1;
for (i = 0; i < dwNumNFAReferences; i++) {
pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
dwError = RegAddNFAReferenceToFilterObject(
hRegistryKey,
pszRelativeName,
pszIpsecNFAReference
);
BAIL_ON_WIN32_ERROR(dwError);
}
error:
if (pszIpsecFilterReference) {
FreePolStr(
pszIpsecFilterReference
);
}
return(dwError);
}
DWORD
RegUpdateNegPolOwnersReference(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID NegPolIdentifier,
LPWSTR * ppszIpsecNFAReferences,
DWORD dwNumNFAReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecNegPolReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
DWORD i = 0;
LPWSTR pszIpsecNFAReference = NULL;
dwError = ConvertGuidToNegPolString(
NegPolIdentifier,
pszIpsecRootContainer,
&pszIpsecNegPolReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecNegPolReference + dwRootPathLen + 1;
for (i = 0; i < dwNumNFAReferences; i++) {
pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
dwError = RegAddNFAReferenceToNegPolObject(
hRegistryKey,
pszRelativeName,
pszIpsecNFAReference
);
BAIL_ON_WIN32_ERROR(dwError);
}
error:
if (pszIpsecNegPolReference) {
FreePolStr(
pszIpsecNegPolReference
);
}
return(dwError);
}
DWORD
RegUpdateISAKMPOwnersReference(
HKEY hRegistryKey,
LPWSTR pszIpsecRootContainer,
GUID ISAKMPIdentifier,
LPWSTR * ppszIpsecPolicyReferences,
DWORD dwNumPolicyReferences
)
{
DWORD dwError = 0;
LPWSTR pszIpsecISAKMPReference = NULL;
DWORD dwRootPathLen = 0;
LPWSTR pszRelativeName = NULL;
DWORD i = 0;
LPWSTR pszIpsecPolicyReference = NULL;
dwError = ConvertGuidToISAKMPString(
ISAKMPIdentifier,
pszIpsecRootContainer,
&pszIpsecISAKMPReference
);
BAIL_ON_WIN32_ERROR(dwError);
dwRootPathLen = wcslen(pszIpsecRootContainer);
pszRelativeName = pszIpsecISAKMPReference + dwRootPathLen + 1;
for (i = 0; i < dwNumPolicyReferences; i++) {
pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
dwError = RegAddPolicyReferenceToISAKMPObject(
hRegistryKey,
pszRelativeName,
pszIpsecPolicyReference
);
BAIL_ON_WIN32_ERROR(dwError);
}
error:
if (pszIpsecISAKMPReference) {
FreePolStr(
pszIpsecISAKMPReference
);
}
return(dwError);
}