archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ipsec/polstore/restore-r.c

956 lines
25 KiB
Raw Normal View History

Add source files
4 years ago
  3. #include "precomp.h"
  6. DWORD
  7. RegRestoreDefaults(
  8. HANDLE hPolicyStore,
  9. HKEY hRegistryKey,
  10. LPWSTR pszIpsecRootContainer,
  11. LPWSTR pszLocationName
  12. )
  13. {
  14. DWORD dwError = 0;
  16. LPWSTR * ppszIpsecAllFilterNFAReferences = NULL;
  17. DWORD dwNumAllFilterNFAReferences = 0;
  18. LPWSTR * ppszIpsecAllICMPFilterNFAReferences = NULL;
  19. DWORD dwNumAllICMPFilterNFAReferences = 0;
  21. LPWSTR * ppszIpsecPermitNegPolNFAReferences = NULL;
  22. DWORD dwNumPermitNegPolNFAReferences = 0;
  23. LPWSTR * ppszIpsecSecIniNegPolNFAReferences = NULL;
  24. DWORD dwNumSecIniNegPolNFAReferences = 0;
  25. LPWSTR * ppszIpsecLockdownNegPolNFAReferences = NULL;
  26. DWORD dwNumLockdownNegPolNFAReferences = 0;
  29. LPWSTR * ppszIpsecLockdownISAKMPPolicyReferences = NULL;
  30. DWORD dwNumLockdownISAKMPPolicyReferences = 0;
  31. LPWSTR * ppszIpsecSecIniISAKMPPolicyReferences = NULL;
  32. DWORD dwNumSecIniISAKMPPolicyReferences = 0;
  33. LPWSTR * ppszIpsecResponderISAKMPPolicyReferences = NULL;
  34. DWORD dwNumResponderISAKMPPolicyReferences = 0;
  35. LPWSTR * ppszIpsecDefaultISAKMPPolicyReferences = NULL;
  36. DWORD dwNumDefaultISAKMPPolicyReferences = 0;
  38. static const GUID GUID_ALL_FILTER=
  39. { 0x7238523a, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  41. static const GUID GUID_ALL_ICMP_FILTER =
  42. { 0x72385235, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  44. static const GUID GUID_PERMIT_NEGPOL =
  45. { 0x7238523b, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  47. static const GUID GUID_SECURE_INITIATOR_NEGPOL =
  48. { 0x72385233, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  50. static const GUID GUID_LOCKDOWN_NEGPOL =
  51. { 0x7238523f, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  53. static const GUID GUID_RESPONDER_ISAKMP =
  54. { 0x72385237, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  56. static const GUID GUID_SECURE_INITIATOR_ISAKMP =
  57. { 0x72385231, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  59. static const GUID GUID_LOCKDOWN_ISAKMP =
  60. { 0x7238523d, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  62. static const GUID GUID_DEFAULT_ISAKMP=
  63. { 0x72385234, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  66. dwError = RegRemoveDefaults(
  67. hRegistryKey,
  68. pszIpsecRootContainer,
  69. pszLocationName
  70. );
  72. dwError = RegDeleteDefaultFilterData(
  73. hRegistryKey,
  74. pszIpsecRootContainer,
  75. GUID_ALL_FILTER,
  76. &ppszIpsecAllFilterNFAReferences,
  77. &dwNumAllFilterNFAReferences
  78. );
  80. dwError = RegDeleteDefaultFilterData(
  81. hRegistryKey,
  82. pszIpsecRootContainer,
  83. GUID_ALL_ICMP_FILTER,
  84. &ppszIpsecAllICMPFilterNFAReferences,
  85. &dwNumAllICMPFilterNFAReferences
  86. );
  88. dwError = RegDeleteDefaultNegPolData(
  89. hRegistryKey,
  90. pszIpsecRootContainer,
  91. GUID_PERMIT_NEGPOL,
  92. &ppszIpsecPermitNegPolNFAReferences,
  93. &dwNumPermitNegPolNFAReferences
  94. );
  96. dwError = RegDeleteDefaultNegPolData(
  97. hRegistryKey,
  98. pszIpsecRootContainer,
  99. GUID_SECURE_INITIATOR_NEGPOL,
  100. &ppszIpsecSecIniNegPolNFAReferences,
  101. &dwNumSecIniNegPolNFAReferences
  102. );
  104. dwError = RegDeleteDefaultNegPolData(
  105. hRegistryKey,
  106. pszIpsecRootContainer,
  107. GUID_LOCKDOWN_NEGPOL,
  108. &ppszIpsecLockdownNegPolNFAReferences,
  109. &dwNumLockdownNegPolNFAReferences
  110. );
  112. dwError = RegDeleteDefaultISAKMPData(
  113. hRegistryKey,
  114. pszIpsecRootContainer,
  115. GUID_LOCKDOWN_ISAKMP,
  116. &ppszIpsecLockdownISAKMPPolicyReferences,
  117. &dwNumLockdownISAKMPPolicyReferences
  118. );
  120. dwError = RegDeleteDefaultISAKMPData(
  121. hRegistryKey,
  122. pszIpsecRootContainer,
  123. GUID_SECURE_INITIATOR_ISAKMP,
  124. &ppszIpsecSecIniISAKMPPolicyReferences,
  125. &dwNumSecIniISAKMPPolicyReferences
  126. );
  128. dwError = RegDeleteDefaultISAKMPData(
  129. hRegistryKey,
  130. pszIpsecRootContainer,
  131. GUID_RESPONDER_ISAKMP,
  132. &ppszIpsecResponderISAKMPPolicyReferences,
  133. &dwNumResponderISAKMPPolicyReferences
  134. );
  136. dwError = RegDeleteDefaultISAKMPData(
  137. hRegistryKey,
  138. pszIpsecRootContainer,
  139. GUID_DEFAULT_ISAKMP,
  140. &ppszIpsecDefaultISAKMPPolicyReferences,
  141. &dwNumDefaultISAKMPPolicyReferences
  142. );
  144. dwError = GenerateDefaultInformation(
  145. hPolicyStore
  146. );
  147. BAIL_ON_WIN32_ERROR(dwError);
  149. dwError = RegUpdateFilterOwnersReference(
  150. hRegistryKey,
  151. pszIpsecRootContainer,
  152. GUID_ALL_FILTER,
  153. ppszIpsecAllFilterNFAReferences,
  154. dwNumAllFilterNFAReferences
  155. );
  157. dwError = RegUpdateFilterOwnersReference(
  158. hRegistryKey,
  159. pszIpsecRootContainer,
  160. GUID_ALL_ICMP_FILTER,
  161. ppszIpsecAllICMPFilterNFAReferences,
  162. dwNumAllICMPFilterNFAReferences
  163. );
  165. dwError = RegUpdateNegPolOwnersReference(
  166. hRegistryKey,
  167. pszIpsecRootContainer,
  168. GUID_LOCKDOWN_NEGPOL,
  169. ppszIpsecLockdownNegPolNFAReferences,
  170. dwNumLockdownNegPolNFAReferences
  171. );
  173. dwError = RegUpdateNegPolOwnersReference(
  174. hRegistryKey,
  175. pszIpsecRootContainer,
  176. GUID_SECURE_INITIATOR_NEGPOL,
  177. ppszIpsecSecIniNegPolNFAReferences,
  178. dwNumSecIniNegPolNFAReferences
  179. );
  181. dwError = RegUpdateNegPolOwnersReference(
  182. hRegistryKey,
  183. pszIpsecRootContainer,
  184. GUID_PERMIT_NEGPOL,
  185. ppszIpsecPermitNegPolNFAReferences,
  186. dwNumPermitNegPolNFAReferences
  187. );
  189. dwError = RegUpdateISAKMPOwnersReference(
  190. hRegistryKey,
  191. pszIpsecRootContainer,
  192. GUID_LOCKDOWN_ISAKMP,
  193. ppszIpsecLockdownISAKMPPolicyReferences,
  194. dwNumLockdownISAKMPPolicyReferences
  195. );
  197. dwError = RegUpdateISAKMPOwnersReference(
  198. hRegistryKey,
  199. pszIpsecRootContainer,
  200. GUID_SECURE_INITIATOR_ISAKMP,
  201. ppszIpsecSecIniISAKMPPolicyReferences,
  202. dwNumSecIniISAKMPPolicyReferences
  203. );
  205. dwError = RegUpdateISAKMPOwnersReference(
  206. hRegistryKey,
  207. pszIpsecRootContainer,
  208. GUID_RESPONDER_ISAKMP,
  209. ppszIpsecResponderISAKMPPolicyReferences,
  210. dwNumResponderISAKMPPolicyReferences
  211. );
  213. dwError = RegUpdateISAKMPOwnersReference(
  214. hRegistryKey,
  215. pszIpsecRootContainer,
  216. GUID_DEFAULT_ISAKMP,
  217. ppszIpsecDefaultISAKMPPolicyReferences,
  218. dwNumDefaultISAKMPPolicyReferences
  219. );
  221. (VOID) RegPingPASvcForActivePolicy(
  222. hRegistryKey,
  223. pszIpsecRootContainer,
  224. pszLocationName
  225. );
  227. error:
  229. if (ppszIpsecAllFilterNFAReferences) {
  230. FreeNFAReferences(
  231. ppszIpsecAllFilterNFAReferences,
  232. dwNumAllFilterNFAReferences
  233. );
  234. }
  236. if (ppszIpsecAllICMPFilterNFAReferences) {
  237. FreeNFAReferences(
  238. ppszIpsecAllICMPFilterNFAReferences,
  239. dwNumAllICMPFilterNFAReferences
  240. );
  241. }
  243. if (ppszIpsecPermitNegPolNFAReferences) {
  244. FreeNFAReferences(
  245. ppszIpsecPermitNegPolNFAReferences,
  246. dwNumPermitNegPolNFAReferences
  247. );
  248. }
  250. if (ppszIpsecSecIniNegPolNFAReferences) {
  251. FreeNFAReferences(
  252. ppszIpsecSecIniNegPolNFAReferences,
  253. dwNumSecIniNegPolNFAReferences
  254. );
  255. }
  257. if (ppszIpsecLockdownNegPolNFAReferences) {
  258. FreeNFAReferences(
  259. ppszIpsecLockdownNegPolNFAReferences,
  260. dwNumLockdownNegPolNFAReferences
  261. );
  262. }
  264. if (ppszIpsecResponderISAKMPPolicyReferences) {
  265. FreeNFAReferences(
  266. ppszIpsecResponderISAKMPPolicyReferences,
  267. dwNumResponderISAKMPPolicyReferences
  268. );
  269. }
  271. if (ppszIpsecSecIniISAKMPPolicyReferences) {
  272. FreeNFAReferences(
  273. ppszIpsecSecIniISAKMPPolicyReferences,
  274. dwNumSecIniISAKMPPolicyReferences
  275. );
  276. }
  278. if (ppszIpsecLockdownISAKMPPolicyReferences) {
  279. FreeNFAReferences(
  280. ppszIpsecLockdownISAKMPPolicyReferences,
  281. dwNumLockdownISAKMPPolicyReferences
  282. );
  283. }
  285. if (ppszIpsecDefaultISAKMPPolicyReferences) {
  286. FreeNFAReferences(
  287. ppszIpsecDefaultISAKMPPolicyReferences,
  288. dwNumDefaultISAKMPPolicyReferences
  289. );
  290. }
  292. return (dwError);
  293. }
  296. DWORD
  297. RegRemoveDefaults(
  298. HKEY hRegistryKey,
  299. LPWSTR pszIpsecRootContainer,
  300. LPWSTR pszLocationName
  301. )
  302. {
  303. DWORD dwError = 0;
  305. static const GUID GUID_RESPONDER_POLICY =
  306. { 0x72385236, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  308. static const GUID GUID_SECURE_INITIATOR_POLICY =
  309. { 0x72385230, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  311. static const GUID GUID_LOCKDOWN_POLICY =
  312. { 0x7238523c, 0x70fa, 0x11d1, { 0x86, 0x4c, 0x14, 0xa3, 0x0, 0x0, 0x0, 0x0 } };
  314. dwError = RegDeleteDefaultPolicyData(
  315. hRegistryKey,
  316. pszIpsecRootContainer,
  317. pszLocationName,
  318. GUID_LOCKDOWN_POLICY
  319. );
  321. dwError = RegDeleteDefaultPolicyData(
  322. hRegistryKey,
  323. pszIpsecRootContainer,
  324. pszLocationName,
  325. GUID_SECURE_INITIATOR_POLICY
  326. );
  328. dwError = RegDeleteDefaultPolicyData(
  329. hRegistryKey,
  330. pszIpsecRootContainer,
  331. pszLocationName,
  332. GUID_RESPONDER_POLICY
  333. );
  335. dwError = ERROR_SUCCESS;
  337. return (dwError);
  338. }
  341. DWORD
  342. RegDeleteDefaultPolicyData(
  343. HKEY hRegistryKey,
  344. LPWSTR pszIpsecRootContainer,
  345. LPWSTR pszLocationName,
  346. GUID PolicyGUID
  347. )
  348. {
  349. DWORD dwError = 0;
  350. PIPSEC_POLICY_DATA pIpsecPolicyData = NULL;
  351. PIPSEC_NFA_DATA * ppIpsecNFAData = NULL;
  352. DWORD dwNumNFAObjects = 0;
  353. DWORD i = 0;
  354. PIPSEC_NFA_DATA pIpsecNFAData = NULL;
  357. dwError = RegGetPolicyData(
  358. hRegistryKey,
  359. pszIpsecRootContainer,
  360. PolicyGUID,
  361. &pIpsecPolicyData
  362. );
  363. BAIL_ON_WIN32_ERROR(dwError);
  365. dwError = RegEnumNFAData(
  366. hRegistryKey,
  367. pszIpsecRootContainer,
  368. PolicyGUID,
  369. &ppIpsecNFAData,
  370. &dwNumNFAObjects
  371. );
  373. for (i = 0; i < dwNumNFAObjects; i++) {
  375. pIpsecNFAData = *(ppIpsecNFAData + i);
  377. dwError = RegDeleteNFAData(
  378. hRegistryKey,
  379. pszIpsecRootContainer,
  380. PolicyGUID,
  381. pszLocationName,
  382. pIpsecNFAData
  383. );
  385. dwError = RegDeleteDynamicDefaultNegPolData(
  386. hRegistryKey,
  387. pszIpsecRootContainer,
  388. pszLocationName,
  389. pIpsecNFAData->NegPolIdentifier
  390. );
  392. }
  394. dwError = RegDeletePolicyData(
  395. hRegistryKey,
  396. pszIpsecRootContainer,
  397. pIpsecPolicyData
  398. );
  399. BAIL_ON_WIN32_ERROR(dwError);
  401. error:
  403. if (ppIpsecNFAData) {
  404. FreeMulIpsecNFAData(
  405. ppIpsecNFAData,
  406. dwNumNFAObjects
  407. );
  408. }
  410. if (pIpsecPolicyData) {
  411. FreeIpsecPolicyData(
  412. pIpsecPolicyData
  413. );
  414. }
  416. return(dwError);
  417. }
  420. DWORD
  421. RegDeleteDynamicDefaultNegPolData(
  422. HKEY hRegistryKey,
  423. LPWSTR pszIpsecRootContainer,
  424. LPWSTR pszLocationName,
  425. GUID NegPolGUID
  426. )
  427. {
  428. DWORD dwError = 0;
  429. PIPSEC_NEGPOL_DATA pIpsecNegPolData = NULL;
  432. dwError = RegGetNegPolData(
  433. hRegistryKey,
  434. pszIpsecRootContainer,
  435. NegPolGUID,
  436. &pIpsecNegPolData
  437. );
  438. BAIL_ON_WIN32_ERROR(dwError);
  440. if (!memcmp(
  441. &(pIpsecNegPolData->NegPolType),
  442. &(GUID_NEGOTIATION_TYPE_DEFAULT),
  443. sizeof(GUID))) {
  445. dwError = RegDeleteNegPolData(
  446. hRegistryKey,
  447. pszIpsecRootContainer,
  448. NegPolGUID
  449. );
  450. BAIL_ON_WIN32_ERROR(dwError);
  452. }
  454. error:
  456. if (pIpsecNegPolData) {
  457. FreeIpsecNegPolData(
  458. pIpsecNegPolData
  459. );
  460. }
  462. return(dwError);
  463. }
  466. DWORD
  467. RegDeleteDefaultFilterData(
  468. HKEY hRegistryKey,
  469. LPWSTR pszIpsecRootContainer,
  470. GUID FilterIdentifier,
  471. LPWSTR ** pppszIpsecNFAReferences,
  472. PDWORD pdwNumReferences
  473. )
  474. {
  475. DWORD dwError = 0;
  478. *pppszIpsecNFAReferences = NULL;
  479. *pdwNumReferences = 0;
  481. dwError = RegRemoveOwnersReferenceInFilter(
  482. hRegistryKey,
  483. pszIpsecRootContainer,
  484. FilterIdentifier,
  485. pppszIpsecNFAReferences,
  486. pdwNumReferences
  487. );
  488. BAIL_ON_WIN32_ERROR(dwError);
  490. dwError = RegDeleteFilterData(
  491. hRegistryKey,
  492. pszIpsecRootContainer,
  493. FilterIdentifier
  494. );
  495. error:
  497. return (dwError);
  498. }
  501. DWORD
  502. RegDeleteDefaultNegPolData(
  503. HKEY hRegistryKey,
  504. LPWSTR pszIpsecRootContainer,
  505. GUID NegPolIdentifier,
  506. LPWSTR ** pppszIpsecNFAReferences,
  507. PDWORD pdwNumReferences
  508. )
  509. {
  510. DWORD dwError = 0;
  513. *pppszIpsecNFAReferences = NULL;
  514. *pdwNumReferences = 0;
  516. dwError = RegRemoveOwnersReferenceInNegPol(
  517. hRegistryKey,
  518. pszIpsecRootContainer,
  519. NegPolIdentifier,
  520. pppszIpsecNFAReferences,
  521. pdwNumReferences
  522. );
  523. BAIL_ON_WIN32_ERROR(dwError);
  525. dwError = RegDeleteNegPolData(
  526. hRegistryKey,
  527. pszIpsecRootContainer,
  528. NegPolIdentifier
  529. );
  530. error:
  532. return (dwError);
  533. }
  536. DWORD
  537. RegDeleteDefaultISAKMPData(
  538. HKEY hRegistryKey,
  539. LPWSTR pszIpsecRootContainer,
  540. GUID ISAKMPIdentifier,
  541. LPWSTR ** pppszIpsecPolicyReferences,
  542. PDWORD pdwNumReferences
  543. )
  544. {
  545. DWORD dwError = 0;
  548. *pppszIpsecPolicyReferences = NULL;
  549. *pdwNumReferences = 0;
  551. dwError = RegRemoveOwnersReferenceInISAKMP(
  552. hRegistryKey,
  553. pszIpsecRootContainer,
  554. ISAKMPIdentifier,
  555. pppszIpsecPolicyReferences,
  556. pdwNumReferences
  557. );
  558. BAIL_ON_WIN32_ERROR(dwError);
  560. dwError = RegDeleteISAKMPData(
  561. hRegistryKey,
  562. pszIpsecRootContainer,
  563. ISAKMPIdentifier
  564. );
  565. error:
  567. return (dwError);
  568. }
  571. DWORD
  572. RegRemoveOwnersReferenceInFilter(
  573. HKEY hRegistryKey,
  574. LPWSTR pszIpsecRootContainer,
  575. GUID FilterIdentifier,
  576. LPWSTR ** pppszIpsecNFAReferences,
  577. PDWORD pdwNumReferences
  578. )
  579. {
  580. DWORD dwError = 0;
  581. LPWSTR pszIpsecFilterReference = NULL;
  582. DWORD dwRootPathLen = 0;
  583. LPWSTR pszRelativeName = NULL;
  584. LPWSTR * ppszIpsecNFAReferences = NULL;
  585. DWORD dwNumReferences = 0;
  586. DWORD i = 0;
  587. LPWSTR pszIpsecNFAReference = NULL;
  589. dwError = ConvertGuidToFilterString(
  590. FilterIdentifier,
  591. pszIpsecRootContainer,
  592. &pszIpsecFilterReference
  593. );
  594. BAIL_ON_WIN32_ERROR(dwError);
  596. dwRootPathLen = wcslen(pszIpsecRootContainer);
  597. pszRelativeName = pszIpsecFilterReference + dwRootPathLen + 1;
  599. dwError = RegGetNFAReferencesForFilter(
  600. hRegistryKey,
  601. pszIpsecRootContainer,
  602. pszRelativeName,
  603. &ppszIpsecNFAReferences,
  604. &dwNumReferences
  605. );
  607. for (i = 0; i < dwNumReferences; i++) {
  609. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  611. dwError = RegDeleteNFAReferenceInFilterObject(
  612. hRegistryKey,
  613. pszRelativeName,
  614. pszIpsecNFAReference
  615. );
  617. }
  619. *pppszIpsecNFAReferences = ppszIpsecNFAReferences;
  620. *pdwNumReferences = dwNumReferences;
  622. cleanup:
  624. if (pszIpsecFilterReference) {
  625. FreePolStr(
  626. pszIpsecFilterReference
  627. );
  628. }
  630. return(dwError);
  632. error:
  634. if (ppszIpsecNFAReferences) {
  635. FreeNFAReferences(
  636. ppszIpsecNFAReferences,
  637. dwNumReferences
  638. );
  639. }
  641. *pppszIpsecNFAReferences = NULL;
  642. *pdwNumReferences = 0;
  643. goto cleanup;
  644. }
  647. DWORD
  648. RegRemoveOwnersReferenceInNegPol(
  649. HKEY hRegistryKey,
  650. LPWSTR pszIpsecRootContainer,
  651. GUID NegPolIdentifier,
  652. LPWSTR ** pppszIpsecNFAReferences,
  653. PDWORD pdwNumReferences
  654. )
  655. {
  656. DWORD dwError = 0;
  657. LPWSTR pszIpsecNegPolReference = NULL;
  658. DWORD dwRootPathLen = 0;
  659. LPWSTR pszRelativeName = NULL;
  660. LPWSTR * ppszIpsecNFAReferences = NULL;
  661. DWORD dwNumReferences = 0;
  662. DWORD i = 0;
  663. LPWSTR pszIpsecNFAReference = NULL;
  665. dwError = ConvertGuidToNegPolString(
  666. NegPolIdentifier,
  667. pszIpsecRootContainer,
  668. &pszIpsecNegPolReference
  669. );
  670. BAIL_ON_WIN32_ERROR(dwError);
  672. dwRootPathLen = wcslen(pszIpsecRootContainer);
  673. pszRelativeName = pszIpsecNegPolReference + dwRootPathLen + 1;
  675. dwError = RegGetNFAReferencesForNegPol(
  676. hRegistryKey,
  677. pszIpsecRootContainer,
  678. pszRelativeName,
  679. &ppszIpsecNFAReferences,
  680. &dwNumReferences
  681. );
  683. for (i = 0; i < dwNumReferences; i++) {
  685. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  687. dwError = RegDeleteNFAReferenceInNegPolObject(
  688. hRegistryKey,
  689. pszRelativeName,
  690. pszIpsecNFAReference
  691. );
  693. }
  695. *pppszIpsecNFAReferences = ppszIpsecNFAReferences;
  696. *pdwNumReferences = dwNumReferences;
  698. cleanup:
  700. if (pszIpsecNegPolReference) {
  701. FreePolStr(
  702. pszIpsecNegPolReference
  703. );
  704. }
  706. return(dwError);
  708. error:
  710. if (ppszIpsecNFAReferences) {
  711. FreeNFAReferences(
  712. ppszIpsecNFAReferences,
  713. dwNumReferences
  714. );
  715. }
  717. *pppszIpsecNFAReferences = NULL;
  718. *pdwNumReferences = 0;
  719. goto cleanup;
  720. }
  723. DWORD
  724. RegRemoveOwnersReferenceInISAKMP(
  725. HKEY hRegistryKey,
  726. LPWSTR pszIpsecRootContainer,
  727. GUID ISAKMPIdentifier,
  728. LPWSTR ** pppszIpsecPolicyReferences,
  729. PDWORD pdwNumReferences
  730. )
  731. {
  732. DWORD dwError = 0;
  733. LPWSTR pszIpsecISAKMPReference = NULL;
  734. DWORD dwRootPathLen = 0;
  735. LPWSTR pszRelativeName = NULL;
  736. LPWSTR * ppszIpsecPolicyReferences = NULL;
  737. DWORD dwNumReferences = 0;
  738. DWORD i = 0;
  739. LPWSTR pszIpsecPolicyReference = NULL;
  741. dwError = ConvertGuidToISAKMPString(
  742. ISAKMPIdentifier,
  743. pszIpsecRootContainer,
  744. &pszIpsecISAKMPReference
  745. );
  746. BAIL_ON_WIN32_ERROR(dwError);
  748. dwRootPathLen = wcslen(pszIpsecRootContainer);
  749. pszRelativeName = pszIpsecISAKMPReference + dwRootPathLen + 1;
  751. dwError = RegGetPolicyReferencesForISAKMP(
  752. hRegistryKey,
  753. pszIpsecRootContainer,
  754. pszRelativeName,
  755. &ppszIpsecPolicyReferences,
  756. &dwNumReferences
  757. );
  759. for (i = 0; i < dwNumReferences; i++) {
  761. pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
  763. dwError = RegRemovePolicyReferenceFromISAKMPObject(
  764. hRegistryKey,
  765. pszRelativeName,
  766. pszIpsecPolicyReference
  767. );
  769. }
  771. *pppszIpsecPolicyReferences = ppszIpsecPolicyReferences;
  772. *pdwNumReferences = dwNumReferences;
  774. cleanup:
  776. if (pszIpsecISAKMPReference) {
  777. FreePolStr(
  778. pszIpsecISAKMPReference
  779. );
  780. }
  782. return(dwError);
  784. error:
  786. if (ppszIpsecPolicyReferences) {
  787. FreeNFAReferences(
  788. ppszIpsecPolicyReferences,
  789. dwNumReferences
  790. );
  791. }
  793. *pppszIpsecPolicyReferences = NULL;
  794. *pdwNumReferences = 0;
  795. goto cleanup;
  796. }
  799. DWORD
  800. RegUpdateFilterOwnersReference(
  801. HKEY hRegistryKey,
  802. LPWSTR pszIpsecRootContainer,
  803. GUID FilterIdentifier,
  804. LPWSTR * ppszIpsecNFAReferences,
  805. DWORD dwNumNFAReferences
  806. )
  807. {
  808. DWORD dwError = 0;
  809. LPWSTR pszIpsecFilterReference = NULL;
  810. DWORD dwRootPathLen = 0;
  811. LPWSTR pszRelativeName = NULL;
  812. DWORD i = 0;
  813. LPWSTR pszIpsecNFAReference = NULL;
  816. dwError = ConvertGuidToFilterString(
  817. FilterIdentifier,
  818. pszIpsecRootContainer,
  819. &pszIpsecFilterReference
  820. );
  821. BAIL_ON_WIN32_ERROR(dwError);
  823. dwRootPathLen = wcslen(pszIpsecRootContainer);
  825. pszRelativeName = pszIpsecFilterReference + dwRootPathLen + 1;
  827. for (i = 0; i < dwNumNFAReferences; i++) {
  829. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  831. dwError = RegAddNFAReferenceToFilterObject(
  832. hRegistryKey,
  833. pszRelativeName,
  834. pszIpsecNFAReference
  835. );
  836. BAIL_ON_WIN32_ERROR(dwError);
  838. }
  840. error:
  842. if (pszIpsecFilterReference) {
  843. FreePolStr(
  844. pszIpsecFilterReference
  845. );
  846. }
  848. return(dwError);
  849. }
  852. DWORD
  853. RegUpdateNegPolOwnersReference(
  854. HKEY hRegistryKey,
  855. LPWSTR pszIpsecRootContainer,
  856. GUID NegPolIdentifier,
  857. LPWSTR * ppszIpsecNFAReferences,
  858. DWORD dwNumNFAReferences
  859. )
  860. {
  861. DWORD dwError = 0;
  862. LPWSTR pszIpsecNegPolReference = NULL;
  863. DWORD dwRootPathLen = 0;
  864. LPWSTR pszRelativeName = NULL;
  865. DWORD i = 0;
  866. LPWSTR pszIpsecNFAReference = NULL;
  869. dwError = ConvertGuidToNegPolString(
  870. NegPolIdentifier,
  871. pszIpsecRootContainer,
  872. &pszIpsecNegPolReference
  873. );
  874. BAIL_ON_WIN32_ERROR(dwError);
  876. dwRootPathLen = wcslen(pszIpsecRootContainer);
  878. pszRelativeName = pszIpsecNegPolReference + dwRootPathLen + 1;
  880. for (i = 0; i < dwNumNFAReferences; i++) {
  882. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  884. dwError = RegAddNFAReferenceToNegPolObject(
  885. hRegistryKey,
  886. pszRelativeName,
  887. pszIpsecNFAReference
  888. );
  889. BAIL_ON_WIN32_ERROR(dwError);
  891. }
  893. error:
  895. if (pszIpsecNegPolReference) {
  896. FreePolStr(
  897. pszIpsecNegPolReference
  898. );
  899. }
  901. return(dwError);
  902. }
  905. DWORD
  906. RegUpdateISAKMPOwnersReference(
  907. HKEY hRegistryKey,
  908. LPWSTR pszIpsecRootContainer,
  909. GUID ISAKMPIdentifier,
  910. LPWSTR * ppszIpsecPolicyReferences,
  911. DWORD dwNumPolicyReferences
  912. )
  913. {
  914. DWORD dwError = 0;
  915. LPWSTR pszIpsecISAKMPReference = NULL;
  916. DWORD dwRootPathLen = 0;
  917. LPWSTR pszRelativeName = NULL;
  918. DWORD i = 0;
  919. LPWSTR pszIpsecPolicyReference = NULL;
  922. dwError = ConvertGuidToISAKMPString(
  923. ISAKMPIdentifier,
  924. pszIpsecRootContainer,
  925. &pszIpsecISAKMPReference
  926. );
  927. BAIL_ON_WIN32_ERROR(dwError);
  929. dwRootPathLen = wcslen(pszIpsecRootContainer);
  931. pszRelativeName = pszIpsecISAKMPReference + dwRootPathLen + 1;
  933. for (i = 0; i < dwNumPolicyReferences; i++) {
  935. pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
  937. dwError = RegAddPolicyReferenceToISAKMPObject(
  938. hRegistryKey,
  939. pszRelativeName,
  940. pszIpsecPolicyReference
  941. );
  942. BAIL_ON_WIN32_ERROR(dwError);
  944. }
  946. error:
  948. if (pszIpsecISAKMPReference) {
  949. FreePolStr(
  950. pszIpsecISAKMPReference
  951. );
  952. }
  954. return(dwError);
  955. }