archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ipsec/polstore/negpols-r.c

722 lines
17 KiB
Raw Normal View History

Add source files
4 years ago
  1. //----------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 2000.
  5. //
  6. // File: negpols-r.c
  7. //
  8. // Contents: Negotiation Policy management for registry.
  9. //
  10. //
  11. // History: KrishnaG.
  12. // AbhisheV.
  13. //
  14. //----------------------------------------------------------------------------
  16. #include "precomp.h"
  18. extern LPWSTR NegPolDNAttributes[];
  21. DWORD
  22. RegEnumNegPolData(
  23. HKEY hRegistryKey,
  24. LPWSTR pszIpsecRootContainer,
  25. PIPSEC_NEGPOL_DATA ** pppIpsecNegPolData,
  26. PDWORD pdwNumNegPolObjects
  27. )
  28. {
  29. DWORD dwError = 0;
  30. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL;
  31. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  32. PIPSEC_NEGPOL_DATA * ppIpsecNegPolData = NULL;
  33. DWORD dwNumNegPolObjects = 0;
  34. DWORD i = 0;
  35. DWORD j = 0;
  38. dwError = RegEnumNegPolObjects(
  39. hRegistryKey,
  40. pszIpsecRootContainer,
  41. &ppIpsecNegPolObjects,
  42. &dwNumNegPolObjects
  43. );
  44. BAIL_ON_WIN32_ERROR(dwError);
  46. if (dwNumNegPolObjects) {
  47. ppIpsecNegPolData = (PIPSEC_NEGPOL_DATA *) AllocPolMem(
  48. dwNumNegPolObjects*sizeof(PIPSEC_NEGPOL_DATA));
  49. if (!ppIpsecNegPolData) {
  50. dwError = ERROR_OUTOFMEMORY;
  51. BAIL_ON_WIN32_ERROR(dwError);
  52. }
  53. }
  55. for (i = 0; i < dwNumNegPolObjects; i++) {
  57. dwError = RegUnmarshallNegPolData(
  58. *(ppIpsecNegPolObjects + i),
  59. &pIpsecNegPolData
  60. );
  61. if (!dwError) {
  62. *(ppIpsecNegPolData + j) = pIpsecNegPolData;
  63. j++;
  64. }
  65. }
  67. if (j == 0) {
  68. if (ppIpsecNegPolData) {
  69. FreePolMem(ppIpsecNegPolData);
  70. ppIpsecNegPolData = NULL;
  71. }
  72. }
  74. *pppIpsecNegPolData = ppIpsecNegPolData;
  75. *pdwNumNegPolObjects = j;
  77. dwError = ERROR_SUCCESS;
  79. cleanup:
  81. if (ppIpsecNegPolObjects) {
  82. FreeIpsecNegPolObjects(
  83. ppIpsecNegPolObjects,
  84. dwNumNegPolObjects
  85. );
  86. }
  88. return(dwError);
  91. error:
  93. if (ppIpsecNegPolData) {
  94. FreeMulIpsecNegPolData(
  95. ppIpsecNegPolData,
  96. i
  97. );
  98. }
  100. *pppIpsecNegPolData = NULL;
  101. *pdwNumNegPolObjects = 0;
  103. goto cleanup;
  104. }
  106. DWORD
  107. RegEnumNegPolObjects(
  108. HKEY hRegistryKey,
  109. LPWSTR pszIpsecRootContainer,
  110. PIPSEC_NEGPOL_OBJECT ** pppIpsecNegPolObjects,
  111. PDWORD pdwNumNegPolObjects
  112. )
  113. {
  115. DWORD dwError = 0;
  116. DWORD i = 0;
  117. DWORD dwCount = 0;
  118. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  119. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObjects = NULL;
  121. DWORD dwNumNegPolObjectsReturned = 0;
  122. DWORD dwIndex = 0;
  123. WCHAR szNegPolName[MAX_PATH];
  124. DWORD dwSize = 0;
  125. DWORD dwReserved = 0;
  127. *pppIpsecNegPolObjects = NULL;
  128. *pdwNumNegPolObjects = 0;
  130. while (1) {
  132. dwSize = MAX_PATH;
  133. dwReserved = 0;
  134. szNegPolName[0] = L'\0';
  136. dwError = RegEnumKeyExW(
  137. hRegistryKey,
  138. dwIndex,
  139. szNegPolName,
  140. &dwSize,
  141. NULL,
  142. NULL,
  143. 0,
  144. 0
  145. );
  146. if (dwError == ERROR_NO_MORE_ITEMS) {
  147. break;
  148. }
  149. BAIL_ON_WIN32_ERROR(dwError);
  151. if (!wcsstr(szNegPolName, L"ipsecNegotiationPolicy")) {
  152. dwIndex++;
  153. continue;
  154. }
  156. pIpsecNegPolObject = NULL;
  158. dwError =UnMarshallRegistryNegPolObject(
  159. hRegistryKey,
  160. pszIpsecRootContainer,
  161. szNegPolName,
  162. REG_RELATIVE_NAME,
  163. &pIpsecNegPolObject
  164. );
  165. if (dwError == ERROR_SUCCESS) {
  167. dwError = ReallocatePolMem(
  168. (LPVOID *) &ppIpsecNegPolObjects,
  169. sizeof(PIPSEC_NEGPOL_OBJECT)*(dwNumNegPolObjectsReturned),
  170. sizeof(PIPSEC_NEGPOL_OBJECT)*(dwNumNegPolObjectsReturned + 1)
  171. );
  172. BAIL_ON_WIN32_ERROR(dwError);
  174. *(ppIpsecNegPolObjects + dwNumNegPolObjectsReturned) = pIpsecNegPolObject;
  176. dwNumNegPolObjectsReturned++;
  178. }
  180. dwIndex++;
  182. }
  184. *pppIpsecNegPolObjects = ppIpsecNegPolObjects;
  185. *pdwNumNegPolObjects = dwNumNegPolObjectsReturned;
  187. dwError = ERROR_SUCCESS;
  189. return(dwError);
  191. error:
  194. if (ppIpsecNegPolObjects) {
  196. FreeIpsecNegPolObjects(
  197. ppIpsecNegPolObjects,
  198. dwNumNegPolObjectsReturned
  199. );
  200. }
  202. if (pIpsecNegPolObject) {
  203. FreeIpsecNegPolObject(
  204. pIpsecNegPolObject
  205. );
  206. }
  208. *pppIpsecNegPolObjects = NULL;
  209. *pdwNumNegPolObjects = 0;
  212. return(dwError);
  213. }
  216. DWORD
  217. RegSetNegPolData(
  218. HKEY hRegistryKey,
  219. LPWSTR pszIpsecRootContainer,
  220. LPWSTR pszLocationName,
  221. PIPSEC_NEGPOL_DATA pIpsecNegPolData
  222. )
  223. {
  224. DWORD dwError = 0;
  225. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  227. dwError = RegMarshallNegPolObject(
  228. pIpsecNegPolData,
  229. &pIpsecNegPolObject
  230. );
  231. BAIL_ON_WIN32_ERROR(dwError);
  233. dwError = RegSetNegPolObject(
  234. hRegistryKey,
  235. pszIpsecRootContainer,
  236. pIpsecNegPolObject
  237. );
  238. BAIL_ON_WIN32_ERROR(dwError);
  240. dwError = RegBackPropIncChangesForNegPolToNFA(
  241. hRegistryKey,
  242. pszIpsecRootContainer,
  243. pszLocationName,
  244. pIpsecNegPolObject
  245. );
  246. BAIL_ON_WIN32_ERROR(dwError);
  248. error:
  250. if (pIpsecNegPolObject) {
  251. FreeIpsecNegPolObject(pIpsecNegPolObject);
  252. }
  254. return(dwError);
  255. }
  258. DWORD
  259. RegSetNegPolObject(
  260. HKEY hRegistryKey,
  261. LPWSTR pszIpsecRootContainer,
  262. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject
  263. )
  264. {
  265. DWORD dwError = 0;
  267. dwError = PersistNegPolObject(
  268. hRegistryKey,
  269. pIpsecNegPolObject
  270. );
  271. BAIL_ON_WIN32_ERROR(dwError);
  273. error:
  275. return(dwError);
  276. }
  279. DWORD
  280. RegCreateNegPolData(
  281. HKEY hRegistryKey,
  282. LPWSTR pszIpsecRootContainer,
  283. PIPSEC_NEGPOL_DATA pIpsecNegPolData
  284. )
  285. {
  286. DWORD dwError = 0;
  287. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  289. dwError = RegMarshallNegPolObject(
  290. pIpsecNegPolData,
  291. &pIpsecNegPolObject
  292. );
  293. BAIL_ON_WIN32_ERROR(dwError);
  295. dwError = RegCreateNegPolObject(
  296. hRegistryKey,
  297. pszIpsecRootContainer,
  298. pIpsecNegPolObject
  299. );
  300. BAIL_ON_WIN32_ERROR(dwError);
  302. error:
  304. if (pIpsecNegPolObject) {
  305. FreeIpsecNegPolObject(
  306. pIpsecNegPolObject
  307. );
  308. }
  310. return(dwError);
  311. }
  313. DWORD
  314. RegCreateNegPolObject(
  315. HKEY hRegistryKey,
  316. LPWSTR pszIpsecRootContainer,
  317. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject
  318. )
  319. {
  321. DWORD dwError = 0;
  323. dwError = PersistNegPolObject(
  324. hRegistryKey,
  325. pIpsecNegPolObject
  326. );
  327. BAIL_ON_WIN32_ERROR(dwError);
  329. error:
  331. return(dwError);
  332. }
  335. DWORD
  336. RegDeleteNegPolData(
  337. HKEY hRegistryKey,
  338. LPWSTR pszIpsecRootContainer,
  339. GUID NegPolIdentifier
  340. )
  341. {
  342. DWORD dwError = ERROR_SUCCESS;
  343. WCHAR szGuid[MAX_PATH];
  344. WCHAR szDistinguishedName[MAX_PATH];
  345. LPWSTR pszStringUuid = NULL;
  347. szGuid[0] = L'\0';
  348. szDistinguishedName[0] = L'\0';
  350. dwError = UuidToString(
  351. &NegPolIdentifier,
  352. &pszStringUuid
  353. );
  354. BAIL_ON_WIN32_ERROR(dwError);
  355. wcscpy(szGuid, L"{");
  356. wcscat(szGuid, pszStringUuid);
  357. wcscat(szGuid, L"}");
  359. wcscpy(szDistinguishedName,L"ipsecNegotiationPolicy");
  360. wcscat(szDistinguishedName, szGuid);
  362. dwError = RegDeleteKeyW(
  363. hRegistryKey,
  364. szDistinguishedName
  365. );
  366. BAIL_ON_WIN32_ERROR(dwError);
  368. error:
  370. if (pszStringUuid) {
  371. RpcStringFree(&pszStringUuid);
  372. }
  374. return(dwError);
  375. }
  378. DWORD
  379. RegUnmarshallNegPolData(
  380. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject,
  381. PIPSEC_NEGPOL_DATA * ppIpsecNegPolData
  382. )
  383. {
  384. DWORD dwError = 0;
  386. dwError = UnmarshallNegPolObject(
  387. pIpsecNegPolObject,
  388. ppIpsecNegPolData
  389. );
  392. return(dwError);
  393. }
  395. DWORD
  396. RegMarshallNegPolObject(
  397. PIPSEC_NEGPOL_DATA pIpsecNegPolData,
  398. PIPSEC_NEGPOL_OBJECT * ppIpsecNegPolObject
  399. )
  400. {
  401. DWORD dwError = 0;
  402. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  403. WCHAR szGuid[MAX_PATH];
  404. WCHAR szDistinguishedName[MAX_PATH];
  405. LPBYTE pBuffer = NULL;
  406. DWORD dwBufferLen = 0;
  407. LPWSTR pszStringUuid = NULL;
  408. LPWSTR pszNegPolActionUuid = NULL;
  409. LPWSTR pszNegPolTypeUuid = NULL;
  410. time_t PresentTime;
  411. WCHAR szGuidAction[MAX_PATH];
  412. WCHAR szGuidType[MAX_PATH];
  415. szGuidAction[0] = L'\0';
  416. szGuidType[0] = L'\0';
  417. szGuid[0] = L'\0';
  418. szDistinguishedName[0] = L'\0';
  419. pIpsecNegPolObject = (PIPSEC_NEGPOL_OBJECT)AllocPolMem(
  420. sizeof(IPSEC_NEGPOL_OBJECT)
  421. );
  422. if (!pIpsecNegPolObject) {
  423. dwError = ERROR_OUTOFMEMORY;
  424. BAIL_ON_WIN32_ERROR(dwError);
  425. }
  427. dwError = UuidToString(
  428. &pIpsecNegPolData->NegPolIdentifier,
  429. &pszStringUuid
  430. );
  431. BAIL_ON_WIN32_ERROR(dwError);
  432. wcscpy(szGuid, L"{");
  433. wcscat(szGuid, pszStringUuid);
  434. wcscat(szGuid, L"}");
  436. //
  437. // Fill in the distinguishedName
  438. //
  440. wcscpy(szDistinguishedName,L"ipsecNegotiationPolicy");
  441. wcscat(szDistinguishedName, szGuid);
  442. pIpsecNegPolObject->pszDistinguishedName = AllocPolStr(
  443. szDistinguishedName
  444. );
  445. if (!pIpsecNegPolObject->pszDistinguishedName) {
  446. dwError = ERROR_OUTOFMEMORY;
  447. BAIL_ON_WIN32_ERROR(dwError);
  448. }
  451. //
  452. // Fill in the ipsecName
  453. //
  455. if (pIpsecNegPolData->pszIpsecName &&
  456. *pIpsecNegPolData->pszIpsecName) {
  457. pIpsecNegPolObject->pszIpsecName = AllocPolStr(
  458. pIpsecNegPolData->pszIpsecName
  459. );
  460. if (!pIpsecNegPolObject->pszIpsecName) {
  461. dwError = ERROR_OUTOFMEMORY;
  462. BAIL_ON_WIN32_ERROR(dwError);
  463. }
  464. }
  466. if (pIpsecNegPolData->pszDescription &&
  467. *pIpsecNegPolData->pszDescription) {
  468. pIpsecNegPolObject->pszDescription = AllocPolStr(
  469. pIpsecNegPolData->pszDescription
  470. );
  471. if (!pIpsecNegPolObject->pszDescription) {
  472. dwError = ERROR_OUTOFMEMORY;
  473. BAIL_ON_WIN32_ERROR(dwError);
  474. }
  475. }
  477. //
  478. // Fill in the ipsecID
  479. //
  481. pIpsecNegPolObject->pszIpsecID = AllocPolStr(
  482. szGuid
  483. );
  484. if (!pIpsecNegPolObject->pszIpsecID) {
  485. dwError = ERROR_OUTOFMEMORY;
  486. BAIL_ON_WIN32_ERROR(dwError);
  487. }
  489. dwError = UuidToString(
  490. &pIpsecNegPolData->NegPolAction,
  491. &pszNegPolActionUuid
  492. );
  493. BAIL_ON_WIN32_ERROR(dwError);
  495. wcscpy(szGuidAction, L"{");
  496. wcscat(szGuidAction, pszNegPolActionUuid);
  497. wcscat(szGuidAction, L"}");
  499. pIpsecNegPolObject->pszIpsecNegPolAction = AllocPolStr(
  500. szGuidAction
  501. );
  502. if (!pIpsecNegPolObject->pszIpsecNegPolAction) {
  503. dwError = ERROR_OUTOFMEMORY;
  504. BAIL_ON_WIN32_ERROR(dwError);
  505. }
  507. dwError = UuidToString(
  508. &pIpsecNegPolData->NegPolType,
  509. &pszNegPolTypeUuid
  510. );
  511. BAIL_ON_WIN32_ERROR(dwError);
  513. wcscpy(szGuidType, L"{");
  514. wcscat(szGuidType, pszNegPolTypeUuid);
  515. wcscat(szGuidType, L"}");
  517. pIpsecNegPolObject->pszIpsecNegPolType = AllocPolStr(
  518. szGuidType
  519. );
  520. if (!pIpsecNegPolObject->pszIpsecNegPolType) {
  521. dwError = ERROR_OUTOFMEMORY;
  522. BAIL_ON_WIN32_ERROR(dwError);
  523. }
  525. //
  526. // Fill in the ipsecDataType
  527. //
  529. pIpsecNegPolObject->dwIpsecDataType = 0x100;
  532. //
  533. // Marshall the pIpsecDataBuffer and the Length
  534. //
  536. dwError = MarshallNegPolBuffer(
  537. pIpsecNegPolData,
  538. &pBuffer,
  539. &dwBufferLen
  540. );
  541. BAIL_ON_WIN32_ERROR(dwError);
  543. pIpsecNegPolObject->pIpsecData = pBuffer;
  545. pIpsecNegPolObject->dwIpsecDataLen = dwBufferLen;
  547. time(&PresentTime);
  549. pIpsecNegPolObject->dwWhenChanged = (DWORD) PresentTime;
  551. *ppIpsecNegPolObject = pIpsecNegPolObject;
  553. cleanup:
  555. if (pszStringUuid) {
  556. RpcStringFree(
  557. &pszStringUuid
  558. );
  559. }
  560. if (pszNegPolActionUuid) {
  561. RpcStringFree(
  562. &pszNegPolActionUuid
  563. );
  564. }
  565. if (pszNegPolTypeUuid) {
  566. RpcStringFree(
  567. &pszNegPolTypeUuid
  568. );
  569. }
  571. return(dwError);
  573. error:
  575. if (pIpsecNegPolObject) {
  576. FreeIpsecNegPolObject(
  577. pIpsecNegPolObject
  578. );
  579. }
  581. *ppIpsecNegPolObject = NULL;
  582. goto cleanup;
  583. }
  586. DWORD
  587. MarshallNegPolBuffer(
  588. PIPSEC_NEGPOL_DATA pIpsecNegPolData,
  589. LPBYTE * ppBuffer,
  590. DWORD * pdwBufferLen
  591. )
  592. {
  593. LPBYTE pCurrentPos = NULL;
  594. LPBYTE pBuffer = NULL;
  595. DWORD dwSize = 0;
  596. DWORD dwError = 0;
  597. DWORD dwNumSecurityOffers = 0;
  598. IPSEC_SECURITY_METHOD * pIpsecOffer = NULL;
  599. DWORD i = 0;
  600. DWORD dwEffectiveSize = 0;
  602. // {80DC20B9-2EC8-11d1-A89E-00A0248D3021}
  603. static const GUID GUID_IPSEC_NEGPOLICY_BLOB =
  604. { 0x80dc20b9, 0x2ec8, 0x11d1, { 0xa8, 0x9e, 0x0, 0xa0, 0x24, 0x8d, 0x30, 0x21 } };
  606. dwNumSecurityOffers = pIpsecNegPolData->dwSecurityMethodCount;
  607. pIpsecOffer = pIpsecNegPolData->pIpsecSecurityMethods;
  609. dwSize += sizeof(GUID);
  611. dwSize += sizeof(DWORD);
  613. dwSize += sizeof(DWORD);
  616. for (i = 0; i < dwNumSecurityOffers; i++) {
  618. dwSize += sizeof(IPSEC_SECURITY_METHOD);
  620. }
  621. dwSize++;
  623. pBuffer = (LPBYTE)AllocPolMem(dwSize);
  624. if (!pBuffer) {
  625. dwError = ERROR_OUTOFMEMORY;
  626. BAIL_ON_WIN32_ERROR(dwError);
  627. }
  629. pCurrentPos = pBuffer;
  631. memcpy(pCurrentPos, &GUID_IPSEC_NEGPOLICY_BLOB, sizeof(GUID));
  632. pCurrentPos += sizeof(GUID);
  634. dwEffectiveSize = dwSize - sizeof(GUID) - sizeof(DWORD) - 1;
  636. memcpy(pCurrentPos, &dwEffectiveSize, sizeof(DWORD));
  637. pCurrentPos += sizeof(DWORD);
  639. memcpy(pCurrentPos, &dwNumSecurityOffers, sizeof(DWORD));
  640. pCurrentPos += sizeof(DWORD);
  642. for (i = 0; i < dwNumSecurityOffers; i++) {
  644. memcpy(pCurrentPos, pIpsecOffer + i, sizeof(IPSEC_SECURITY_METHOD));
  645. pCurrentPos += sizeof(IPSEC_SECURITY_METHOD);
  646. }
  649. *ppBuffer = pBuffer;
  650. *pdwBufferLen = dwSize;
  652. return(dwError);
  654. error:
  656. if (pBuffer) {
  657. FreePolMem(pBuffer);
  658. }
  660. *ppBuffer = NULL;
  661. *pdwBufferLen = 0;
  662. return(dwError);
  663. }
  666. DWORD
  667. RegGetNegPolData(
  668. HKEY hRegistryKey,
  669. LPWSTR pszIpsecRootContainer,
  670. GUID NegPolGUID,
  671. PIPSEC_NEGPOL_DATA * ppIpsecNegPolData
  672. )
  673. {
  674. DWORD dwError = 0;
  675. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  676. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  677. WCHAR szIpsecNegPolName[MAX_PATH];
  678. LPWSTR pszNegPolName = NULL;
  680. szIpsecNegPolName[0] = L'\0';
  681. wcscpy(szIpsecNegPolName, L"ipsecNegotiationPolicy");
  683. dwError = UuidToString(&NegPolGUID, &pszNegPolName);
  684. BAIL_ON_WIN32_ERROR(dwError);
  686. wcscat(szIpsecNegPolName, L"{");
  687. wcscat(szIpsecNegPolName, pszNegPolName);
  688. wcscat(szIpsecNegPolName, L"}");
  691. dwError =UnMarshallRegistryNegPolObject(
  692. hRegistryKey,
  693. pszIpsecRootContainer,
  694. szIpsecNegPolName,
  695. REG_RELATIVE_NAME,
  696. &pIpsecNegPolObject
  697. );
  698. BAIL_ON_WIN32_ERROR(dwError);
  700. dwError = RegUnmarshallNegPolData(
  701. pIpsecNegPolObject,
  702. &pIpsecNegPolData
  703. );
  704. BAIL_ON_WIN32_ERROR(dwError);
  706. error:
  708. if (pIpsecNegPolObject) {
  709. FreeIpsecNegPolObject(
  710. pIpsecNegPolObject
  711. );
  712. }
  714. if (pszNegPolName) {
  715. RpcStringFree(&pszNegPolName);
  716. }
  718. *ppIpsecNegPolData = pIpsecNegPolData;
  720. return(dwError);
  721. }