#include "precomp.h"
//
// RegRestoreDefaults
//
// Removes the built-in default IPsec policies, filters, negotiation
// policies and ISAKMP policies from the registry store, regenerates them
// through GenerateDefaultInformation, and then re-attaches the owner
// references that were captured while the old objects were being removed.
//
// Error handling, as written:
//   - The status of every removal call is overwritten without being
//     inspected.
//   - A failure from GenerateDefaultInformation is the only one that aborts
//     the sequence (it jumps to the cleanup label).
//   - Each re-attach call overwrites dwError, so the value returned on the
//     non-bail path is the status of the final
//     RegUpdateISAKMPOwnersReference call.
//
// NOTE(review): when GenerateDefaultInformation fails, the removal calls
// above it have already run and the captured references are freed without
// being re-applied. Callers should confirm that leaving the store in that
// state is acceptable for the active IPsec policy.
//
// NOTE(review): a failure of an earlier re-attach call is masked when the
// last one succeeds; confirm whether callers rely on the returned status.
//
DWORD
RegRestoreDefaults(
    HANDLE hPolicyStore,
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    LPWSTR pszLocationName
    )
{
    static const GUID GUID_ALL_FILTER =
    { 0x7238523a, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_ALL_ICMP_FILTER =
    { 0x72385235, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_PERMIT_NEGPOL =
    { 0x7238523b, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_SECURE_INITIATOR_NEGPOL =
    { 0x72385233, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_LOCKDOWN_NEGPOL =
    { 0x7238523f, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_RESPONDER_ISAKMP =
    { 0x72385237, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_SECURE_INITIATOR_ISAKMP =
    { 0x72385231, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_LOCKDOWN_ISAKMP =
    { 0x7238523d, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_DEFAULT_ISAKMP =
    { 0x72385234, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    DWORD dwError = 0;

    // Owner references captured from the default filters.
    LPWSTR * ppszAllFilterRefs = NULL;
    DWORD dwAllFilterRefs = 0;
    LPWSTR * ppszAllIcmpFilterRefs = NULL;
    DWORD dwAllIcmpFilterRefs = 0;

    // Owner references captured from the default negotiation policies.
    LPWSTR * ppszPermitNegPolRefs = NULL;
    DWORD dwPermitNegPolRefs = 0;
    LPWSTR * ppszSecIniNegPolRefs = NULL;
    DWORD dwSecIniNegPolRefs = 0;
    LPWSTR * ppszLockdownNegPolRefs = NULL;
    DWORD dwLockdownNegPolRefs = 0;

    // Owner references captured from the default ISAKMP policies.
    LPWSTR * ppszLockdownIsakmpRefs = NULL;
    DWORD dwLockdownIsakmpRefs = 0;
    LPWSTR * ppszSecIniIsakmpRefs = NULL;
    DWORD dwSecIniIsakmpRefs = 0;
    LPWSTR * ppszResponderIsakmpRefs = NULL;
    DWORD dwResponderIsakmpRefs = 0;
    LPWSTR * ppszDefaultIsakmpRefs = NULL;
    DWORD dwDefaultIsakmpRefs = 0;

    //
    // Phase 1: remove the existing defaults. Every status is overwritten
    // by the next call; none of them is checked.
    //

    dwError = RegRemoveDefaults(
                  hRegistryKey, pszIpsecRootContainer, pszLocationName);

    dwError = RegDeleteDefaultFilterData(
                  hRegistryKey, pszIpsecRootContainer, GUID_ALL_FILTER,
                  &ppszAllFilterRefs, &dwAllFilterRefs);

    dwError = RegDeleteDefaultFilterData(
                  hRegistryKey, pszIpsecRootContainer, GUID_ALL_ICMP_FILTER,
                  &ppszAllIcmpFilterRefs, &dwAllIcmpFilterRefs);

    dwError = RegDeleteDefaultNegPolData(
                  hRegistryKey, pszIpsecRootContainer, GUID_PERMIT_NEGPOL,
                  &ppszPermitNegPolRefs, &dwPermitNegPolRefs);

    dwError = RegDeleteDefaultNegPolData(
                  hRegistryKey, pszIpsecRootContainer,
                  GUID_SECURE_INITIATOR_NEGPOL,
                  &ppszSecIniNegPolRefs, &dwSecIniNegPolRefs);

    dwError = RegDeleteDefaultNegPolData(
                  hRegistryKey, pszIpsecRootContainer, GUID_LOCKDOWN_NEGPOL,
                  &ppszLockdownNegPolRefs, &dwLockdownNegPolRefs);

    dwError = RegDeleteDefaultISAKMPData(
                  hRegistryKey, pszIpsecRootContainer, GUID_LOCKDOWN_ISAKMP,
                  &ppszLockdownIsakmpRefs, &dwLockdownIsakmpRefs);

    dwError = RegDeleteDefaultISAKMPData(
                  hRegistryKey, pszIpsecRootContainer,
                  GUID_SECURE_INITIATOR_ISAKMP,
                  &ppszSecIniIsakmpRefs, &dwSecIniIsakmpRefs);

    dwError = RegDeleteDefaultISAKMPData(
                  hRegistryKey, pszIpsecRootContainer, GUID_RESPONDER_ISAKMP,
                  &ppszResponderIsakmpRefs, &dwResponderIsakmpRefs);

    dwError = RegDeleteDefaultISAKMPData(
                  hRegistryKey, pszIpsecRootContainer, GUID_DEFAULT_ISAKMP,
                  &ppszDefaultIsakmpRefs, &dwDefaultIsakmpRefs);

    //
    // Phase 2: regenerate the defaults. This is the only checked call.
    //

    dwError = GenerateDefaultInformation(hPolicyStore);
    BAIL_ON_WIN32_ERROR(dwError);

    //
    // Phase 3: re-attach the captured owner references to the regenerated
    // objects. Each status overwrites the previous one.
    //

    dwError = RegUpdateFilterOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_ALL_FILTER,
                  ppszAllFilterRefs, dwAllFilterRefs);

    dwError = RegUpdateFilterOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_ALL_ICMP_FILTER,
                  ppszAllIcmpFilterRefs, dwAllIcmpFilterRefs);

    dwError = RegUpdateNegPolOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_LOCKDOWN_NEGPOL,
                  ppszLockdownNegPolRefs, dwLockdownNegPolRefs);

    dwError = RegUpdateNegPolOwnersReference(
                  hRegistryKey, pszIpsecRootContainer,
                  GUID_SECURE_INITIATOR_NEGPOL,
                  ppszSecIniNegPolRefs, dwSecIniNegPolRefs);

    dwError = RegUpdateNegPolOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_PERMIT_NEGPOL,
                  ppszPermitNegPolRefs, dwPermitNegPolRefs);

    dwError = RegUpdateISAKMPOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_LOCKDOWN_ISAKMP,
                  ppszLockdownIsakmpRefs, dwLockdownIsakmpRefs);

    dwError = RegUpdateISAKMPOwnersReference(
                  hRegistryKey, pszIpsecRootContainer,
                  GUID_SECURE_INITIATOR_ISAKMP,
                  ppszSecIniIsakmpRefs, dwSecIniIsakmpRefs);

    dwError = RegUpdateISAKMPOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_RESPONDER_ISAKMP,
                  ppszResponderIsakmpRefs, dwResponderIsakmpRefs);

    dwError = RegUpdateISAKMPOwnersReference(
                  hRegistryKey, pszIpsecRootContainer, GUID_DEFAULT_ISAKMP,
                  ppszDefaultIsakmpRefs, dwDefaultIsakmpRefs);

    // The result of the ping is explicitly discarded.
    (VOID) RegPingPASvcForActivePolicy(
               hRegistryKey, pszIpsecRootContainer, pszLocationName);

error:

    // Reached on both the normal and the bail path: release every
    // reference array that was handed back during phase 1.

    if (ppszAllFilterRefs != NULL) {
        FreeNFAReferences(ppszAllFilterRefs, dwAllFilterRefs);
    }

    if (ppszAllIcmpFilterRefs != NULL) {
        FreeNFAReferences(ppszAllIcmpFilterRefs, dwAllIcmpFilterRefs);
    }

    if (ppszPermitNegPolRefs != NULL) {
        FreeNFAReferences(ppszPermitNegPolRefs, dwPermitNegPolRefs);
    }

    if (ppszSecIniNegPolRefs != NULL) {
        FreeNFAReferences(ppszSecIniNegPolRefs, dwSecIniNegPolRefs);
    }

    if (ppszLockdownNegPolRefs != NULL) {
        FreeNFAReferences(ppszLockdownNegPolRefs, dwLockdownNegPolRefs);
    }

    if (ppszResponderIsakmpRefs != NULL) {
        FreeNFAReferences(ppszResponderIsakmpRefs, dwResponderIsakmpRefs);
    }

    if (ppszSecIniIsakmpRefs != NULL) {
        FreeNFAReferences(ppszSecIniIsakmpRefs, dwSecIniIsakmpRefs);
    }

    if (ppszLockdownIsakmpRefs != NULL) {
        FreeNFAReferences(ppszLockdownIsakmpRefs, dwLockdownIsakmpRefs);
    }

    if (ppszDefaultIsakmpRefs != NULL) {
        FreeNFAReferences(ppszDefaultIsakmpRefs, dwDefaultIsakmpRefs);
    }

    return (dwError);
}
//
// RegRemoveDefaults
//
// Asks RegDeleteDefaultPolicyData to delete the three built-in policies
// (lockdown, secure initiator, responder, in that order).
//
// The status of each deletion is discarded and the function always returns
// ERROR_SUCCESS, so callers cannot tell from the return value whether any
// of the policies was actually removed.
//
DWORD
RegRemoveDefaults(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    LPWSTR pszLocationName
    )
{
    static const GUID GUID_RESPONDER_POLICY =
    { 0x72385236, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_SECURE_INITIATOR_POLICY =
    { 0x72385230, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    static const GUID GUID_LOCKDOWN_POLICY =
    { 0x7238523c, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };

    // Listed in the order the deletions are issued.
    static const GUID * const rgpDefaultPolicies[] = {
        &GUID_LOCKDOWN_POLICY,
        &GUID_SECURE_INITIATOR_POLICY,
        &GUID_RESPONDER_POLICY
    };

    DWORD iPolicy = 0;

    for (iPolicy = 0;
         iPolicy < sizeof(rgpDefaultPolicies) / sizeof(rgpDefaultPolicies[0]);
         iPolicy++) {

        // Best effort: the per-policy status is intentionally not kept.
        (VOID) RegDeleteDefaultPolicyData(
                   hRegistryKey,
                   pszIpsecRootContainer,
                   pszLocationName,
                   *rgpDefaultPolicies[iPolicy]);
    }

    return (ERROR_SUCCESS);
}
//
// RegDeleteDefaultPolicyData
//
// Deletes one policy identified by PolicyGUID together with its NFAs:
//   1. loads the policy object (failure aborts),
//   2. enumerates the policy's NFAs,
//   3. for each NFA, deletes the NFA and then hands its negotiation policy
//      to RegDeleteDynamicDefaultNegPolData,
//   4. deletes the policy object itself.
//
// Returns the status of RegGetPolicyData if it fails, otherwise the status
// of RegDeletePolicyData. The statuses of the enumeration and of the
// per-NFA deletions are overwritten and never inspected.
//
// NOTE(review): the loop dereferences each enumerated entry without a NULL
// check and runs even if RegEnumNFAData reported an error; this is only
// safe if that routine leaves the count at zero on failure - confirm.
//
DWORD
RegDeleteDefaultPolicyData(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    LPWSTR pszLocationName,
    GUID PolicyGUID
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_DATA pPolicy = NULL;
    PIPSEC_NFA_DATA * ppNFAList = NULL;
    DWORD dwNFACount = 0;
    DWORD iNFA = 0;
    PIPSEC_NFA_DATA pNFA = NULL;

    dwError = RegGetPolicyData(
                  hRegistryKey, pszIpsecRootContainer, PolicyGUID, &pPolicy);
    BAIL_ON_WIN32_ERROR(dwError);

    // Status not checked; the loop below is driven by dwNFACount alone.
    dwError = RegEnumNFAData(
                  hRegistryKey, pszIpsecRootContainer, PolicyGUID,
                  &ppNFAList, &dwNFACount);

    for (iNFA = 0; iNFA < dwNFACount; iNFA++) {

        pNFA = ppNFAList[iNFA];

        dwError = RegDeleteNFAData(
                      hRegistryKey, pszIpsecRootContainer, PolicyGUID,
                      pszLocationName, pNFA);

        dwError = RegDeleteDynamicDefaultNegPolData(
                      hRegistryKey, pszIpsecRootContainer, pszLocationName,
                      pNFA->NegPolIdentifier);
    }

    dwError = RegDeletePolicyData(
                  hRegistryKey, pszIpsecRootContainer, pPolicy);
    BAIL_ON_WIN32_ERROR(dwError);

error:

    // Shared exit: release whatever was loaded, on success and on failure.

    if (ppNFAList != NULL) {
        FreeMulIpsecNFAData(ppNFAList, dwNFACount);
    }

    if (pPolicy != NULL) {
        FreeIpsecPolicyData(pPolicy);
    }

    return(dwError);
}
//
// RegDeleteDynamicDefaultNegPolData
//
// Loads the negotiation policy identified by NegPolGUID and deletes it
// only when its NegPolType equals GUID_NEGOTIATION_TYPE_DEFAULT; any other
// type is left in place and the function returns the (successful) status
// of the load.
//
// pszLocationName is accepted but not used in this function.
//
// Returns the first failing status from RegGetNegPolData or
// RegDeleteNegPolData, otherwise the status of the last call made.
//
DWORD
RegDeleteDynamicDefaultNegPolData(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    LPWSTR pszLocationName,
    GUID NegPolGUID
    )
{
    DWORD dwError = 0;
    PIPSEC_NEGPOL_DATA pNegPol = NULL;

    dwError = RegGetNegPolData(
                  hRegistryKey, pszIpsecRootContainer, NegPolGUID, &pNegPol);
    BAIL_ON_WIN32_ERROR(dwError);

    // Byte-wise GUID comparison; zero means the type is the default one.
    if (memcmp(&(pNegPol->NegPolType),
               &(GUID_NEGOTIATION_TYPE_DEFAULT),
               sizeof(GUID)) == 0) {

        dwError = RegDeleteNegPolData(
                      hRegistryKey, pszIpsecRootContainer, NegPolGUID);
        BAIL_ON_WIN32_ERROR(dwError);
    }

error:

    if (pNegPol != NULL) {
        FreeIpsecNegPolData(pNegPol);
    }

    return(dwError);
}
//
// RegDeleteDefaultFilterData
//
// Detaches the NFA owner references from the filter identified by
// FilterIdentifier and, if that succeeds, deletes the filter object.
//
// pppszIpsecNFAReferences / pdwNumReferences are cleared first and then
// filled in by RegRemoveOwnersReferenceInFilter. Both pointers are
// dereferenced unconditionally, so they must not be NULL.
//
// Returns the failing status of the detach step, otherwise the status of
// RegDeleteFilterData.
//
DWORD
RegDeleteDefaultFilterData(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID FilterIdentifier,
    LPWSTR ** pppszIpsecNFAReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;

    // Start from a known-empty result.
    *pppszIpsecNFAReferences = NULL;
    *pdwNumReferences = 0;

    dwError = RegRemoveOwnersReferenceInFilter(
                  hRegistryKey, pszIpsecRootContainer, FilterIdentifier,
                  pppszIpsecNFAReferences, pdwNumReferences);
    BAIL_ON_WIN32_ERROR(dwError);

    // The deletion status is returned as-is.
    return (RegDeleteFilterData(
                hRegistryKey, pszIpsecRootContainer, FilterIdentifier));

error:

    return (dwError);
}
//
// RegDeleteDefaultNegPolData
//
// Detaches the NFA owner references from the negotiation policy identified
// by NegPolIdentifier and, if that succeeds, deletes the negotiation
// policy object.
//
// pppszIpsecNFAReferences / pdwNumReferences are cleared first and then
// filled in by RegRemoveOwnersReferenceInNegPol. Both pointers are
// dereferenced unconditionally, so they must not be NULL.
//
// Returns the failing status of the detach step, otherwise the status of
// RegDeleteNegPolData.
//
DWORD
RegDeleteDefaultNegPolData(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID NegPolIdentifier,
    LPWSTR ** pppszIpsecNFAReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;

    // Start from a known-empty result.
    *pppszIpsecNFAReferences = NULL;
    *pdwNumReferences = 0;

    dwError = RegRemoveOwnersReferenceInNegPol(
                  hRegistryKey, pszIpsecRootContainer, NegPolIdentifier,
                  pppszIpsecNFAReferences, pdwNumReferences);
    BAIL_ON_WIN32_ERROR(dwError);

    // The deletion status is returned as-is.
    return (RegDeleteNegPolData(
                hRegistryKey, pszIpsecRootContainer, NegPolIdentifier));

error:

    return (dwError);
}
//
// RegDeleteDefaultISAKMPData
//
// Detaches the policy owner references from the ISAKMP object identified
// by ISAKMPIdentifier and, if that succeeds, deletes the ISAKMP object.
//
// pppszIpsecPolicyReferences / pdwNumReferences are cleared first and then
// filled in by RegRemoveOwnersReferenceInISAKMP. Both pointers are
// dereferenced unconditionally, so they must not be NULL.
//
// Returns the failing status of the detach step, otherwise the status of
// RegDeleteISAKMPData.
//
DWORD
RegDeleteDefaultISAKMPData(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID ISAKMPIdentifier,
    LPWSTR ** pppszIpsecPolicyReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;

    // Start from a known-empty result.
    *pppszIpsecPolicyReferences = NULL;
    *pdwNumReferences = 0;

    dwError = RegRemoveOwnersReferenceInISAKMP(
                  hRegistryKey, pszIpsecRootContainer, ISAKMPIdentifier,
                  pppszIpsecPolicyReferences, pdwNumReferences);
    BAIL_ON_WIN32_ERROR(dwError);

    // The deletion status is returned as-is.
    return (RegDeleteISAKMPData(
                hRegistryKey, pszIpsecRootContainer, ISAKMPIdentifier));

error:

    return (dwError);
}
//
// RegRemoveOwnersReferenceInFilter
//
// Collects the NFA references recorded on a filter object, removes each of
// them from the filter, and hands the collected array back to the caller
// through pppszIpsecNFAReferences / pdwNumReferences.
//
// Only a failure of ConvertGuidToFilterString takes the error path, which
// returns NULL / 0 in the out-parameters. On every other path the array is
// returned to the caller even when dwError is non-zero; the value returned
// is then the status of the last call made (the lookup if there were no
// references, otherwise the last removal).
//
// In this file the returned array is released with FreeNFAReferences.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToFilterString.
//
DWORD
RegRemoveOwnersReferenceInFilter(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID FilterIdentifier,
    LPWSTR ** pppszIpsecNFAReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszFilterPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszFilterName = NULL;
    LPWSTR * ppszOwners = NULL;
    DWORD dwOwnerCount = 0;
    DWORD iOwner = 0;

    dwError = ConvertGuidToFilterString(
                  FilterIdentifier, pszIpsecRootContainer, &pszFilterPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszFilterName points into pszFilterPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszFilterName = pszFilterPath + dwRootLen + 1;

    // Status not checked; the loop below is driven by dwOwnerCount alone.
    dwError = RegGetNFAReferencesForFilter(
                  hRegistryKey, pszIpsecRootContainer, pszFilterName,
                  &ppszOwners, &dwOwnerCount);

    for (iOwner = 0; iOwner < dwOwnerCount; iOwner++) {

        dwError = RegDeleteNFAReferenceInFilterObject(
                      hRegistryKey, pszFilterName, ppszOwners[iOwner]);
    }

    // Ownership of the array passes to the caller.
    *pppszIpsecNFAReferences = ppszOwners;
    *pdwNumReferences = dwOwnerCount;

    goto cleanup;

error:

    if (ppszOwners != NULL) {
        FreeNFAReferences(ppszOwners, dwOwnerCount);
    }

    *pppszIpsecNFAReferences = NULL;
    *pdwNumReferences = 0;

cleanup:

    if (pszFilterPath != NULL) {
        FreePolStr(pszFilterPath);
    }

    return(dwError);
}
//
// RegRemoveOwnersReferenceInNegPol
//
// Collects the NFA references recorded on a negotiation policy object,
// removes each of them from that object, and hands the collected array
// back to the caller through pppszIpsecNFAReferences / pdwNumReferences.
//
// Only a failure of ConvertGuidToNegPolString takes the error path, which
// returns NULL / 0 in the out-parameters. On every other path the array is
// returned to the caller even when dwError is non-zero; the value returned
// is then the status of the last call made (the lookup if there were no
// references, otherwise the last removal).
//
// In this file the returned array is released with FreeNFAReferences.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToNegPolString.
//
DWORD
RegRemoveOwnersReferenceInNegPol(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID NegPolIdentifier,
    LPWSTR ** pppszIpsecNFAReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszNegPolPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszNegPolName = NULL;
    LPWSTR * ppszOwners = NULL;
    DWORD dwOwnerCount = 0;
    DWORD iOwner = 0;

    dwError = ConvertGuidToNegPolString(
                  NegPolIdentifier, pszIpsecRootContainer, &pszNegPolPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszNegPolName points into pszNegPolPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszNegPolName = pszNegPolPath + dwRootLen + 1;

    // Status not checked; the loop below is driven by dwOwnerCount alone.
    dwError = RegGetNFAReferencesForNegPol(
                  hRegistryKey, pszIpsecRootContainer, pszNegPolName,
                  &ppszOwners, &dwOwnerCount);

    for (iOwner = 0; iOwner < dwOwnerCount; iOwner++) {

        dwError = RegDeleteNFAReferenceInNegPolObject(
                      hRegistryKey, pszNegPolName, ppszOwners[iOwner]);
    }

    // Ownership of the array passes to the caller.
    *pppszIpsecNFAReferences = ppszOwners;
    *pdwNumReferences = dwOwnerCount;

    goto cleanup;

error:

    if (ppszOwners != NULL) {
        FreeNFAReferences(ppszOwners, dwOwnerCount);
    }

    *pppszIpsecNFAReferences = NULL;
    *pdwNumReferences = 0;

cleanup:

    if (pszNegPolPath != NULL) {
        FreePolStr(pszNegPolPath);
    }

    return(dwError);
}
//
// RegRemoveOwnersReferenceInISAKMP
//
// Collects the policy references recorded on an ISAKMP object, removes
// each of them from that object, and hands the collected array back to the
// caller through pppszIpsecPolicyReferences / pdwNumReferences.
//
// Only a failure of ConvertGuidToISAKMPString takes the error path, which
// returns NULL / 0 in the out-parameters. On every other path the array is
// returned to the caller even when dwError is non-zero; the value returned
// is then the status of the last call made (the lookup if there were no
// references, otherwise the last removal).
//
// The policy-reference array is released with FreeNFAReferences, both here
// and by the caller in this file.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToISAKMPString.
//
DWORD
RegRemoveOwnersReferenceInISAKMP(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID ISAKMPIdentifier,
    LPWSTR ** pppszIpsecPolicyReferences,
    PDWORD pdwNumReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszIsakmpPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszIsakmpName = NULL;
    LPWSTR * ppszOwners = NULL;
    DWORD dwOwnerCount = 0;
    DWORD iOwner = 0;

    dwError = ConvertGuidToISAKMPString(
                  ISAKMPIdentifier, pszIpsecRootContainer, &pszIsakmpPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszIsakmpName points into pszIsakmpPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszIsakmpName = pszIsakmpPath + dwRootLen + 1;

    // Status not checked; the loop below is driven by dwOwnerCount alone.
    dwError = RegGetPolicyReferencesForISAKMP(
                  hRegistryKey, pszIpsecRootContainer, pszIsakmpName,
                  &ppszOwners, &dwOwnerCount);

    for (iOwner = 0; iOwner < dwOwnerCount; iOwner++) {

        dwError = RegRemovePolicyReferenceFromISAKMPObject(
                      hRegistryKey, pszIsakmpName, ppszOwners[iOwner]);
    }

    // Ownership of the array passes to the caller.
    *pppszIpsecPolicyReferences = ppszOwners;
    *pdwNumReferences = dwOwnerCount;

    goto cleanup;

error:

    if (ppszOwners != NULL) {
        FreeNFAReferences(ppszOwners, dwOwnerCount);
    }

    *pppszIpsecPolicyReferences = NULL;
    *pdwNumReferences = 0;

cleanup:

    if (pszIsakmpPath != NULL) {
        FreePolStr(pszIsakmpPath);
    }

    return(dwError);
}
//
// RegUpdateFilterOwnersReference
//
// Adds each of the dwNumNFAReferences strings in ppszIpsecNFAReferences as
// an NFA reference on the filter object identified by FilterIdentifier.
//
// Stops at the first failing RegAddNFAReferenceToFilterObject call and
// returns its status; references added before that point are not rolled
// back here. Returns the status of ConvertGuidToFilterString when the
// count is zero or the conversion fails.
//
// The input array is only read; it is not freed by this function.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToFilterString.
//
DWORD
RegUpdateFilterOwnersReference(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID FilterIdentifier,
    LPWSTR * ppszIpsecNFAReferences,
    DWORD dwNumNFAReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszFilterPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszFilterName = NULL;
    DWORD iRef = 0;

    dwError = ConvertGuidToFilterString(
                  FilterIdentifier, pszIpsecRootContainer, &pszFilterPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszFilterName points into pszFilterPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszFilterName = pszFilterPath + dwRootLen + 1;

    for (iRef = 0; iRef < dwNumNFAReferences; iRef++) {

        dwError = RegAddNFAReferenceToFilterObject(
                      hRegistryKey, pszFilterName,
                      ppszIpsecNFAReferences[iRef]);
        BAIL_ON_WIN32_ERROR(dwError);
    }

error:

    if (pszFilterPath != NULL) {
        FreePolStr(pszFilterPath);
    }

    return(dwError);
}
//
// RegUpdateNegPolOwnersReference
//
// Adds each of the dwNumNFAReferences strings in ppszIpsecNFAReferences as
// an NFA reference on the negotiation policy object identified by
// NegPolIdentifier.
//
// Stops at the first failing RegAddNFAReferenceToNegPolObject call and
// returns its status; references added before that point are not rolled
// back here. Returns the status of ConvertGuidToNegPolString when the
// count is zero or the conversion fails.
//
// The input array is only read; it is not freed by this function.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToNegPolString.
//
DWORD
RegUpdateNegPolOwnersReference(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID NegPolIdentifier,
    LPWSTR * ppszIpsecNFAReferences,
    DWORD dwNumNFAReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszNegPolPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszNegPolName = NULL;
    DWORD iRef = 0;

    dwError = ConvertGuidToNegPolString(
                  NegPolIdentifier, pszIpsecRootContainer, &pszNegPolPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszNegPolName points into pszNegPolPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszNegPolName = pszNegPolPath + dwRootLen + 1;

    for (iRef = 0; iRef < dwNumNFAReferences; iRef++) {

        dwError = RegAddNFAReferenceToNegPolObject(
                      hRegistryKey, pszNegPolName,
                      ppszIpsecNFAReferences[iRef]);
        BAIL_ON_WIN32_ERROR(dwError);
    }

error:

    if (pszNegPolPath != NULL) {
        FreePolStr(pszNegPolPath);
    }

    return(dwError);
}
//
// RegUpdateISAKMPOwnersReference
//
// Adds each of the dwNumPolicyReferences strings in
// ppszIpsecPolicyReferences as a policy reference on the ISAKMP object
// identified by ISAKMPIdentifier.
//
// Stops at the first failing RegAddPolicyReferenceToISAKMPObject call and
// returns its status; references added before that point are not rolled
// back here. Returns the status of ConvertGuidToISAKMPString when the
// count is zero or the conversion fails.
//
// The input array is only read; it is not freed by this function.
//
// NOTE(review): the relative name is taken by skipping
// wcslen(pszIpsecRootContainer) + 1 characters of the converted string.
// That assumes the string begins with the root container followed by one
// separator; nothing here verifies it - confirm against
// ConvertGuidToISAKMPString.
//
DWORD
RegUpdateISAKMPOwnersReference(
    HKEY hRegistryKey,
    LPWSTR pszIpsecRootContainer,
    GUID ISAKMPIdentifier,
    LPWSTR * ppszIpsecPolicyReferences,
    DWORD dwNumPolicyReferences
    )
{
    DWORD dwError = 0;
    LPWSTR pszIsakmpPath = NULL;
    DWORD dwRootLen = 0;
    LPWSTR pszIsakmpName = NULL;
    DWORD iRef = 0;

    dwError = ConvertGuidToISAKMPString(
                  ISAKMPIdentifier, pszIpsecRootContainer, &pszIsakmpPath);
    BAIL_ON_WIN32_ERROR(dwError);

    // pszIsakmpName points into pszIsakmpPath; it is not a separate buffer.
    dwRootLen = (DWORD) wcslen(pszIpsecRootContainer);
    pszIsakmpName = pszIsakmpPath + dwRootLen + 1;

    for (iRef = 0; iRef < dwNumPolicyReferences; iRef++) {

        dwError = RegAddPolicyReferenceToISAKMPObject(
                      hRegistryKey, pszIsakmpName,
                      ppszIpsecPolicyReferences[iRef]);
        BAIL_ON_WIN32_ERROR(dwError);
    }

error:

    if (pszIsakmpPath != NULL) {
        FreePolStr(pszIsakmpPath);
    }

    return(dwError);
}