|
|
//----------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 2000.
//
// File: negpols-d.c
//
// Contents: NegPol management for directory.
//
//
// History: KrishnaG
// AbhisheV
//
//----------------------------------------------------------------------------
#include "precomp.h"
extern LPWSTR NegPolDNAttributes[];
DWORDDirEnumNegPolData( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_DATA ** pppIpsecNegPolData, PDWORD pdwNumNegPolObjects ){ DWORD dwError = 0; PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL; PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL; PIPSEC_NEGPOL_DATA * ppIpsecNegPolData = NULL; DWORD dwNumNegPolObjects = 0; DWORD i = 0; DWORD j = 0;
dwError = DirEnumNegPolObjects( hLdapBindHandle, pszIpsecRootContainer, &ppIpsecNegPolObjects, &dwNumNegPolObjects ); BAIL_ON_WIN32_ERROR(dwError);
if (dwNumNegPolObjects) { ppIpsecNegPolData = (PIPSEC_NEGPOL_DATA *) AllocPolMem( dwNumNegPolObjects*sizeof(PIPSEC_NEGPOL_DATA)); if (!ppIpsecNegPolData) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); } }
for (i = 0; i < dwNumNegPolObjects; i++) {
dwError = DirUnmarshallNegPolData( *(ppIpsecNegPolObjects + i), &pIpsecNegPolData ); if (!dwError) { *(ppIpsecNegPolData + j) = pIpsecNegPolData; j++; } }
if (j == 0) { if (ppIpsecNegPolData) { FreePolMem(ppIpsecNegPolData); ppIpsecNegPolData = NULL; } }
*pppIpsecNegPolData = ppIpsecNegPolData; *pdwNumNegPolObjects = j;
dwError = ERROR_SUCCESS;
cleanup:
if (ppIpsecNegPolObjects) { FreeIpsecNegPolObjects( ppIpsecNegPolObjects, dwNumNegPolObjects ); }
return(dwError);
error:
if (ppIpsecNegPolData) { FreeMulIpsecNegPolData( ppIpsecNegPolData, i ); }
*pppIpsecNegPolData = NULL; *pdwNumNegPolObjects = 0;
goto cleanup;}
DWORDDirEnumNegPolObjects( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT ** pppIpsecNegPolObjects, PDWORD pdwNumNegPolObjects ){ LDAPMessage *res = NULL; LDAPMessage *e = NULL; DWORD dwError = 0; LPWSTR pszNegPolString = NULL; DWORD i = 0; DWORD dwCount = 0; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL; PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL;
DWORD dwNumNegPolObjectsReturned = 0;
dwError = GenerateAllNegPolsQuery( &pszNegPolString ); BAIL_ON_WIN32_ERROR(dwError);
dwError = LdapSearchST( hLdapBindHandle, pszIpsecRootContainer, LDAP_SCOPE_ONELEVEL, pszNegPolString, NegPolDNAttributes, 0, NULL, &res ); BAIL_ON_WIN32_ERROR(dwError);
dwCount = LdapCountEntries( hLdapBindHandle, res ); if (!dwCount) { dwError = ERROR_DS_NO_ATTRIBUTE_OR_VALUE; BAIL_ON_WIN32_ERROR(dwError); }
ppIpsecNegPolObjects = (PIPSEC_NEGPOL_OBJECT *)AllocPolMem( sizeof(PIPSEC_NEGPOL_OBJECT)*dwCount ); if (!ppIpsecNegPolObjects) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
for (i = 0; i < dwCount; i++) {
if (i == 0) {
dwError = LdapFirstEntry( hLdapBindHandle, res, &e ); BAIL_ON_WIN32_ERROR(dwError);
} else {
dwError = LdapNextEntry( hLdapBindHandle, e, &e ); BAIL_ON_WIN32_ERROR(dwError);
}
dwError =UnMarshallNegPolObject( hLdapBindHandle, e, &pIpsecNegPolObject ); if (dwError == ERROR_SUCCESS) { *(ppIpsecNegPolObjects + dwNumNegPolObjectsReturned) = pIpsecNegPolObject; dwNumNegPolObjectsReturned++; }
}
*pppIpsecNegPolObjects = ppIpsecNegPolObjects; *pdwNumNegPolObjects = dwNumNegPolObjectsReturned;
dwError = ERROR_SUCCESS;
cleanup:
if (pszNegPolString) { FreePolMem(pszNegPolString); }
if (res) { LdapMsgFree(res); }
return(dwError);
error:
if (ppIpsecNegPolObjects) { FreeIpsecNegPolObjects( ppIpsecNegPolObjects, dwNumNegPolObjectsReturned ); }
*pppIpsecNegPolObjects = NULL; *pdwNumNegPolObjects = 0;
goto cleanup;}
DWORDDirSetNegPolData( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_DATA pIpsecNegPolData ){ DWORD dwError = 0; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
dwError = DirMarshallNegPolObject( pIpsecNegPolData, pszIpsecRootContainer, &pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
dwError = DirSetNegPolObject( hLdapBindHandle, pszIpsecRootContainer, pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
dwError = DirBackPropIncChangesForNegPolToNFA( hLdapBindHandle, pszIpsecRootContainer, pIpsecNegPolData->NegPolIdentifier ); BAIL_ON_WIN32_ERROR(dwError);
error:
if (pIpsecNegPolObject) { FreeIpsecNegPolObject(pIpsecNegPolObject); }
return(dwError);}
DWORDDirSetNegPolObject( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject ){ DWORD dwError = 0; LDAPModW ** ppLDAPModW = NULL;
dwError = DirMarshallSetNegPolObject( hLdapBindHandle, pszIpsecRootContainer, pIpsecNegPolObject, &ppLDAPModW ); BAIL_ON_WIN32_ERROR(dwError);
dwError = LdapModifyS( hLdapBindHandle, pIpsecNegPolObject->pszDistinguishedName, ppLDAPModW ); BAIL_ON_WIN32_ERROR(dwError);
error:
//
// Free the amods structures.
//
if (ppLDAPModW) { FreeLDAPModWs( ppLDAPModW ); }
return(dwError);}
DWORDDirCreateNegPolData( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_DATA pIpsecNegPolData ){ DWORD dwError = 0; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
dwError = DirMarshallNegPolObject( pIpsecNegPolData, pszIpsecRootContainer, &pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
dwError = DirCreateNegPolObject( hLdapBindHandle, pszIpsecRootContainer, pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
error:
if (pIpsecNegPolObject) { FreeIpsecNegPolObject( pIpsecNegPolObject ); }
return(dwError);}
DWORDDirCreateNegPolObject( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject ){ DWORD dwError = 0; LDAPModW ** ppLDAPModW = NULL;
dwError = DirMarshallAddNegPolObject( hLdapBindHandle, pszIpsecRootContainer, pIpsecNegPolObject, &ppLDAPModW ); BAIL_ON_WIN32_ERROR(dwError);
dwError = LdapAddS( hLdapBindHandle, pIpsecNegPolObject->pszDistinguishedName, ppLDAPModW ); BAIL_ON_WIN32_ERROR(dwError);
error:
//
// Free the amods structures.
//
if (ppLDAPModW) { FreeLDAPModWs( ppLDAPModW ); }
return(dwError);}
DWORDDirDeleteNegPolData( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, GUID NegPolIdentifier ){ DWORD dwError = ERROR_SUCCESS; WCHAR szGuid[MAX_PATH]; WCHAR szDistinguishedName[MAX_PATH]; LPWSTR pszStringUuid = NULL;
szGuid[0] = L'\0'; szDistinguishedName[0] = L'\0';
dwError = UuidToString( &NegPolIdentifier, &pszStringUuid ); BAIL_ON_WIN32_ERROR(dwError); wcscpy(szGuid, L"{"); wcscat(szGuid, pszStringUuid); wcscat(szGuid, L"}");
wcscpy(szDistinguishedName,L"CN=ipsecNegotiationPolicy"); wcscat(szDistinguishedName, szGuid); wcscat(szDistinguishedName, L","); wcscat(szDistinguishedName, pszIpsecRootContainer);
dwError = LdapDeleteS( hLdapBindHandle, szDistinguishedName ); BAIL_ON_WIN32_ERROR(dwError);
error:
if (pszStringUuid) { RpcStringFree(&pszStringUuid); }
return(dwError);}
DWORDDirMarshallAddNegPolObject( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject, LDAPModW *** pppLDAPModW ){ DWORD i = 0; LDAPModW ** ppLDAPModW = NULL; LDAPModW * pLDAPModW = NULL; DWORD dwNumAttributes = 8; DWORD dwError = 0; WCHAR Buffer[64];
if (!pIpsecNegPolObject->pszIpsecName || !*pIpsecNegPolObject->pszIpsecName) { dwNumAttributes--; }
if (!pIpsecNegPolObject->pszDescription || !*pIpsecNegPolObject->pszDescription) { dwNumAttributes--; }
ppLDAPModW = (LDAPModW **) AllocPolMem( (dwNumAttributes+1) * sizeof(LDAPModW*) ); if (!ppLDAPModW) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
pLDAPModW = (LDAPModW *) AllocPolMem( dwNumAttributes * sizeof(LDAPModW) ); if (!pLDAPModW) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
//
// 0. objectClass
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"objectClass", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( L"ipsecNegotiationPolicy", (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 1. ipsecName
//
if (pIpsecNegPolObject->pszIpsecName && *pIpsecNegPolObject->pszIpsecName) {
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecName", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecName, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 2. ipsecID
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecID", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecID, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 3. ipsecDataType
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecDataType", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
_itow( pIpsecNegPolObject->dwIpsecDataType, Buffer, 10 );
dwError = AllocateLDAPStringValue( Buffer, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 4. ipsecData
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecData", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPBinaryValue( pIpsecNegPolObject->pIpsecData, pIpsecNegPolObject->dwIpsecDataLen, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW+i)->mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
i++;
//
// 5. description
//
if (pIpsecNegPolObject->pszDescription && *pIpsecNegPolObject->pszDescription) {
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"description", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszDescription, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 6. ipsecNegotiationPolicyAction
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecNegotiationPolicyAction", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecNegPolAction, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 7. ipsecNegotiationPolicyType
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecNegotiationPolicyType", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecNegPolType, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
*pppLDAPModW = ppLDAPModW;
return(dwError);
error:
if (ppLDAPModW) { FreeLDAPModWs( ppLDAPModW ); }
*pppLDAPModW = NULL;
return(dwError);}
DWORDDirMarshallSetNegPolObject( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject, LDAPModW *** pppLDAPModW ){ DWORD i = 0; LDAPModW ** ppLDAPModW = NULL; LDAPModW * pLDAPModW = NULL; DWORD dwNumAttributes = 7; DWORD dwError = 0; WCHAR Buffer[64];
if (!pIpsecNegPolObject->pszIpsecName || !*pIpsecNegPolObject->pszIpsecName) { dwNumAttributes--; }
if (!pIpsecNegPolObject->pszDescription || !*pIpsecNegPolObject->pszDescription) { dwNumAttributes--; }
ppLDAPModW = (LDAPModW **) AllocPolMem( (dwNumAttributes+1) * sizeof(LDAPModW*) ); if (!ppLDAPModW) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
pLDAPModW = (LDAPModW *) AllocPolMem( dwNumAttributes * sizeof(LDAPModW) ); if (!pLDAPModW) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
//
// 1. ipsecName
//
if (pIpsecNegPolObject->pszIpsecName && *pIpsecNegPolObject->pszIpsecName) {
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecName", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecName, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 2. ipsecID
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecID", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecID, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 3. ipsecDataType
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecDataType", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
_itow( pIpsecNegPolObject->dwIpsecDataType, Buffer, 10 );
dwError = AllocateLDAPStringValue( Buffer, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 4. ipsecData
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecData", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPBinaryValue( pIpsecNegPolObject->pIpsecData, pIpsecNegPolObject->dwIpsecDataLen, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW+i)->mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
i++;
//
// 5. description
//
if (pIpsecNegPolObject->pszDescription && *pIpsecNegPolObject->pszDescription) {
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"description", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszDescription, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 6. ipsecNegotiationPolicyAction
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecNegotiationPolicyAction", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecNegPolAction, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 7. ipsecNegotiationPolicyType
//
ppLDAPModW[i] = pLDAPModW + i; dwError = AllocatePolString( L"ipsecNegotiationPolicyType", &(pLDAPModW +i)->mod_type ); BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue( pIpsecNegPolObject->pszIpsecNegPolType, (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values ); BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
*pppLDAPModW = ppLDAPModW;
return(dwError);
error:
if (ppLDAPModW) { FreeLDAPModWs( ppLDAPModW ); }
*pppLDAPModW = NULL;
return(dwError);}
DWORDGenerateAllNegPolsQuery( LPWSTR * ppszNegPolString ){ DWORD dwError = 0; DWORD dwLength = 0; LPWSTR pszNegPolString = NULL;
//
// Compute Length of Buffer to be allocated
//
dwLength = wcslen(L"(objectclass=ipsecNegotiationPolicy)");
pszNegPolString = (LPWSTR) AllocPolMem((dwLength + 1)*sizeof(WCHAR));
if (!pszNegPolString) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
//
// Now fill in the buffer
//
wcscpy(pszNegPolString, L"(objectclass=ipsecNegotiationPolicy)");
*ppszNegPolString = pszNegPolString;
return(0);
error:
if (pszNegPolString) { FreePolMem(pszNegPolString); }
*ppszNegPolString = NULL;
return(dwError);}
DWORDDirUnmarshallNegPolData( PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject, PIPSEC_NEGPOL_DATA * ppIpsecNegPolData ){ DWORD dwError = 0;
dwError = UnmarshallNegPolObject( pIpsecNegPolObject, ppIpsecNegPolData );
return(dwError);}
DWORDDirMarshallNegPolObject( PIPSEC_NEGPOL_DATA pIpsecNegPolData, LPWSTR pszIpsecRootContainer, PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObject ){ DWORD dwError = 0; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL; WCHAR szGuid[MAX_PATH]; WCHAR szDistinguishedName[MAX_PATH]; LPBYTE pBuffer = NULL; DWORD dwBufferLen = 0; LPWSTR pszStringUuid = NULL; LPWSTR pszNegPolActionUuid = NULL; LPWSTR pszNegPolTypeUuid = NULL; WCHAR szGuidAction[MAX_PATH]; WCHAR szGuidType[MAX_PATH];
szGuidAction[0] = L'\0'; szGuidType[0] = L'\0'; szGuid[0] = L'\0'; szDistinguishedName[0] = L'\0'; pIpsecNegPolObject = (PIPSEC_NEGPOL_OBJECT)AllocPolMem( sizeof(IPSEC_NEGPOL_OBJECT) ); if (!pIpsecNegPolObject) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
dwError = UuidToString( &pIpsecNegPolData->NegPolIdentifier, &pszStringUuid ); BAIL_ON_WIN32_ERROR(dwError); wcscpy(szGuid, L"{"); wcscat(szGuid, pszStringUuid); wcscat(szGuid, L"}");
//
// Fill in the distinguishedName
//
wcscpy(szDistinguishedName,L"CN=ipsecNegotiationPolicy"); wcscat(szDistinguishedName, szGuid); wcscat(szDistinguishedName, L","); wcscat(szDistinguishedName, pszIpsecRootContainer);
pIpsecNegPolObject->pszDistinguishedName = AllocPolStr( szDistinguishedName ); if (!pIpsecNegPolObject->pszDistinguishedName) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
//
// Fill in the ipsecName
//
if (pIpsecNegPolData->pszIpsecName && *pIpsecNegPolData->pszIpsecName) { pIpsecNegPolObject->pszIpsecName = AllocPolStr( pIpsecNegPolData->pszIpsecName ); if (!pIpsecNegPolObject->pszIpsecName) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); } }
if (pIpsecNegPolData->pszDescription && *pIpsecNegPolData->pszDescription) { pIpsecNegPolObject->pszDescription = AllocPolStr( pIpsecNegPolData->pszDescription ); if (!pIpsecNegPolObject->pszDescription) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); } }
//
// Fill in the ipsecID
//
pIpsecNegPolObject->pszIpsecID = AllocPolStr( szGuid ); if (!pIpsecNegPolObject->pszIpsecID) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
dwError = UuidToString( &pIpsecNegPolData->NegPolAction, &pszNegPolActionUuid ); BAIL_ON_WIN32_ERROR(dwError);
wcscpy(szGuidAction, L"{"); wcscat(szGuidAction, pszNegPolActionUuid); wcscat(szGuidAction, L"}");
pIpsecNegPolObject->pszIpsecNegPolAction = AllocPolStr( szGuidAction ); if (!pIpsecNegPolObject->pszIpsecNegPolAction) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
dwError = UuidToString( &pIpsecNegPolData->NegPolType, &pszNegPolTypeUuid ); BAIL_ON_WIN32_ERROR(dwError);
wcscpy(szGuidType, L"{"); wcscat(szGuidType, pszNegPolTypeUuid); wcscat(szGuidType, L"}");
pIpsecNegPolObject->pszIpsecNegPolType = AllocPolStr( szGuidType ); if (!pIpsecNegPolObject->pszIpsecNegPolType) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
//
// Fill in the ipsecDataType
//
pIpsecNegPolObject->dwIpsecDataType = 0x100;
//
// Marshall the pIpsecDataBuffer and the Length
//
dwError = MarshallNegPolBuffer( pIpsecNegPolData, &pBuffer, &dwBufferLen ); BAIL_ON_WIN32_ERROR(dwError);
pIpsecNegPolObject->pIpsecData = pBuffer;
pIpsecNegPolObject->dwIpsecDataLen = dwBufferLen;
pIpsecNegPolObject->dwWhenChanged = 0;
*ppIpsecNegPolObject = pIpsecNegPolObject;
cleanup:
if (pszStringUuid) { RpcStringFree( &pszStringUuid ); } if (pszNegPolActionUuid) { RpcStringFree( &pszNegPolActionUuid ); } if (pszNegPolTypeUuid) { RpcStringFree( &pszNegPolTypeUuid ); }
return(dwError);
error:
if (pIpsecNegPolObject) { FreeIpsecNegPolObject( pIpsecNegPolObject ); }
*ppIpsecNegPolObject = NULL; goto cleanup;}
DWORDDirGetNegPolData( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, GUID NegPolGUID, PIPSEC_NEGPOL_DATA * ppIpsecNegPolData ){ DWORD dwError = 0; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL; PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
dwError = DirGetNegPolObject( hLdapBindHandle, pszIpsecRootContainer, NegPolGUID, &pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
dwError = DirUnmarshallNegPolData( pIpsecNegPolObject, &pIpsecNegPolData ); BAIL_ON_WIN32_ERROR(dwError);
*ppIpsecNegPolData = pIpsecNegPolData;
cleanup:
if (pIpsecNegPolObject) { FreeIpsecNegPolObject( pIpsecNegPolObject ); }
return(dwError);
error:
*ppIpsecNegPolData = NULL;
goto cleanup;}
DWORDDirGetNegPolObject( HLDAP hLdapBindHandle, LPWSTR pszIpsecRootContainer, GUID NegPolGUID, PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObject ){ DWORD dwError = 0; LPWSTR pszNegPolString = NULL; LDAPMessage * res = NULL; DWORD dwCount = 0; LDAPMessage * e = NULL; PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
dwError = GenerateSpecificNegPolQuery( NegPolGUID, &pszNegPolString ); BAIL_ON_WIN32_ERROR(dwError);
dwError = LdapSearchST( hLdapBindHandle, pszIpsecRootContainer, LDAP_SCOPE_ONELEVEL, pszNegPolString, NegPolDNAttributes, 0, NULL, &res ); BAIL_ON_WIN32_ERROR(dwError);
dwCount = LdapCountEntries( hLdapBindHandle, res ); if (!dwCount) { dwError = ERROR_DS_NO_ATTRIBUTE_OR_VALUE; BAIL_ON_WIN32_ERROR(dwError); }
dwError = LdapFirstEntry( hLdapBindHandle, res, &e ); BAIL_ON_WIN32_ERROR(dwError);
dwError = UnMarshallNegPolObject( hLdapBindHandle, e, &pIpsecNegPolObject ); BAIL_ON_WIN32_ERROR(dwError);
*ppIpsecNegPolObject = pIpsecNegPolObject;
dwError = ERROR_SUCCESS;
cleanup:
if (pszNegPolString) { FreePolMem(pszNegPolString); }
if (res) { LdapMsgFree(res); }
return(dwError);
error:
if (pIpsecNegPolObject) { FreeIpsecNegPolObject( pIpsecNegPolObject ); }
*ppIpsecNegPolObject = NULL;
goto cleanup;}
DWORDGenerateSpecificNegPolQuery( GUID NegPolIdentifier, LPWSTR * ppszNegPolString ){ DWORD dwError = ERROR_SUCCESS; WCHAR szGuid[MAX_PATH]; WCHAR szCommonName[MAX_PATH]; LPWSTR pszStringUuid = NULL; DWORD dwLength = 0; LPWSTR pszNegPolString = NULL;
szGuid[0] = L'\0'; szCommonName[0] = L'\0';
dwError = UuidToString( &NegPolIdentifier, &pszStringUuid ); BAIL_ON_WIN32_ERROR(dwError); wcscpy(szGuid, L"{"); wcscat(szGuid, pszStringUuid); wcscat(szGuid, L"}");
wcscpy(szCommonName, L"cn=ipsecNegotiationPolicy"); wcscat(szCommonName, szGuid);
//
// Compute Length of Buffer to be allocated
//
dwLength = wcslen(L"(&(objectclass=ipsecNegotiationPolicy)"); dwLength += wcslen(L"("); dwLength += wcslen(szCommonName); dwLength += wcslen(L"))");
pszNegPolString = (LPWSTR) AllocPolMem((dwLength + 1)*sizeof(WCHAR));
if (!pszNegPolString) { dwError = ERROR_OUTOFMEMORY; BAIL_ON_WIN32_ERROR(dwError); }
wcscpy(pszNegPolString, L"(&(objectclass=ipsecNegotiationPolicy)"); wcscat(pszNegPolString, L"("); wcscat(pszNegPolString, szCommonName); wcscat(pszNegPolString, L"))");
*ppszNegPolString = pszNegPolString;
cleanup:
if (pszStringUuid) { RpcStringFree(&pszStringUuid); }
return(dwError);
error:
if (pszNegPolString) { FreePolMem(pszNegPolString); }
*ppszNegPolString = NULL;
goto cleanup;}
|
