archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
3.8 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ipsec/polstore/update-d.c

689 lines
16 KiB
Raw Normal View History

Add source files
4 years ago
  3. #include "precomp.h"
  6. DWORD
  7. DirBackPropIncChangesForISAKMPToPolicy(
  8. HLDAP hLdapBindHandle,
  9. LPWSTR pszIpsecRootContainer,
  10. GUID ISAKMPIdentifier
  11. )
  12. {
  13. DWORD dwError = 0;
  14. LPWSTR * ppszIpsecPolicyReferences = NULL;
  15. DWORD dwNumReferences = 0;
  16. DWORD i = 0;
  17. LPWSTR pszIpsecPolicyReference = NULL;
  20. dwError = DirGetPolicyReferencesForISAKMP(
  21. hLdapBindHandle,
  22. pszIpsecRootContainer,
  23. ISAKMPIdentifier,
  24. &ppszIpsecPolicyReferences,
  25. &dwNumReferences
  26. );
  28. for (i = 0; i < dwNumReferences; i++) {
  30. pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
  32. dwError = DirUpdatePolicy(
  33. hLdapBindHandle,
  34. pszIpsecRootContainer,
  35. pszIpsecPolicyReference,
  36. 0x200
  37. );
  38. BAIL_ON_WIN32_ERROR(dwError);
  40. dwError = DirUpdatePolicy(
  41. hLdapBindHandle,
  42. pszIpsecRootContainer,
  43. pszIpsecPolicyReference,
  44. 0x100
  45. );
  46. BAIL_ON_WIN32_ERROR(dwError);
  48. }
  50. dwError = ERROR_SUCCESS;
  52. error:
  54. if (ppszIpsecPolicyReferences) {
  55. FreeNFAReferences(
  56. ppszIpsecPolicyReferences,
  57. dwNumReferences
  58. );
  59. }
  61. return (dwError);
  62. }
  65. DWORD
  66. DirBackPropIncChangesForFilterToNFA(
  67. HLDAP hLdapBindHandle,
  68. LPWSTR pszIpsecRootContainer,
  69. GUID FilterIdentifier
  70. )
  71. {
  72. DWORD dwError = 0;
  73. LPWSTR * ppszIpsecNFAReferences = NULL;
  74. DWORD dwNumReferences = 0;
  75. DWORD i = 0;
  76. LPWSTR pszIpsecNFAReference = NULL;
  79. dwError = DirGetNFAReferencesForFilter(
  80. hLdapBindHandle,
  81. pszIpsecRootContainer,
  82. FilterIdentifier,
  83. &ppszIpsecNFAReferences,
  84. &dwNumReferences
  85. );
  87. for (i = 0; i < dwNumReferences; i++) {
  89. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  91. dwError = DirUpdateNFA(
  92. hLdapBindHandle,
  93. pszIpsecRootContainer,
  94. pszIpsecNFAReference,
  95. 0x200
  96. );
  97. if (dwError) {
  98. continue;
  99. }
  101. dwError = DirUpdateNFA(
  102. hLdapBindHandle,
  103. pszIpsecRootContainer,
  104. pszIpsecNFAReference,
  105. 0x100
  106. );
  107. if (dwError) {
  108. continue;
  109. }
  111. dwError = DirBackPropIncChangesForNFAToPolicy(
  112. hLdapBindHandle,
  113. pszIpsecRootContainer,
  114. pszIpsecNFAReference
  115. );
  116. if (dwError) {
  117. continue;
  118. }
  120. }
  122. dwError = ERROR_SUCCESS;
  124. if (ppszIpsecNFAReferences) {
  125. FreeNFAReferences(
  126. ppszIpsecNFAReferences,
  127. dwNumReferences
  128. );
  129. }
  131. return (dwError);
  132. }
  135. DWORD
  136. DirBackPropIncChangesForNegPolToNFA(
  137. HLDAP hLdapBindHandle,
  138. LPWSTR pszIpsecRootContainer,
  139. GUID NegPolIdentifier
  140. )
  141. {
  142. DWORD dwError = 0;
  143. LPWSTR * ppszIpsecNFAReferences = NULL;
  144. DWORD dwNumReferences = 0;
  145. DWORD i = 0;
  146. LPWSTR pszIpsecNFAReference = NULL;
  149. dwError = DirGetNFAReferencesForNegPol(
  150. hLdapBindHandle,
  151. pszIpsecRootContainer,
  152. NegPolIdentifier,
  153. &ppszIpsecNFAReferences,
  154. &dwNumReferences
  155. );
  157. for (i = 0; i < dwNumReferences; i++) {
  159. pszIpsecNFAReference = *(ppszIpsecNFAReferences + i);
  161. dwError = DirUpdateNFA(
  162. hLdapBindHandle,
  163. pszIpsecRootContainer,
  164. pszIpsecNFAReference,
  165. 0x200
  166. );
  167. if (dwError) {
  168. continue;
  169. }
  171. dwError = DirUpdateNFA(
  172. hLdapBindHandle,
  173. pszIpsecRootContainer,
  174. pszIpsecNFAReference,
  175. 0x100
  176. );
  177. if (dwError) {
  178. continue;
  179. }
  181. dwError = DirBackPropIncChangesForNFAToPolicy(
  182. hLdapBindHandle,
  183. pszIpsecRootContainer,
  184. pszIpsecNFAReference
  185. );
  186. if (dwError) {
  187. continue;
  188. }
  190. }
  192. dwError = ERROR_SUCCESS;
  194. if (ppszIpsecNFAReferences) {
  195. FreeNFAReferences(
  196. ppszIpsecNFAReferences,
  197. dwNumReferences
  198. );
  199. }
  201. return (dwError);
  202. }
  205. DWORD
  206. DirBackPropIncChangesForNFAToPolicy(
  207. HLDAP hLdapBindHandle,
  208. LPWSTR pszIpsecRootContainer,
  209. LPWSTR pszNFADistinguishedName
  210. )
  211. {
  212. DWORD dwError = 0;
  213. LPWSTR * ppszIpsecPolicyReferences = NULL;
  214. DWORD dwNumReferences = 0;
  215. DWORD i = 0;
  216. LPWSTR pszIpsecPolicyReference = NULL;
  219. dwError = DirGetPolicyReferencesForNFA(
  220. hLdapBindHandle,
  221. pszIpsecRootContainer,
  222. pszNFADistinguishedName,
  223. &ppszIpsecPolicyReferences,
  224. &dwNumReferences
  225. );
  227. for (i = 0; i < dwNumReferences; i++) {
  229. pszIpsecPolicyReference = *(ppszIpsecPolicyReferences + i);
  231. dwError = DirUpdatePolicy(
  232. hLdapBindHandle,
  233. pszIpsecRootContainer,
  234. pszIpsecPolicyReference,
  235. 0x200
  236. );
  237. BAIL_ON_WIN32_ERROR(dwError);
  239. dwError = DirUpdatePolicy(
  240. hLdapBindHandle,
  241. pszIpsecRootContainer,
  242. pszIpsecPolicyReference,
  243. 0x100
  244. );
  245. BAIL_ON_WIN32_ERROR(dwError);
  247. }
  249. dwError = ERROR_SUCCESS;
  251. error:
  253. if (ppszIpsecPolicyReferences) {
  254. FreeNFAReferences(
  255. ppszIpsecPolicyReferences,
  256. dwNumReferences
  257. );
  258. }
  260. return (dwError);
  261. }
  264. DWORD
  265. DirGetPolicyReferencesForISAKMP(
  266. HLDAP hLdapBindHandle,
  267. LPWSTR pszIpsecRootContainer,
  268. GUID ISAKMPIdentifier,
  269. LPWSTR ** pppszIpsecPolicyReferences,
  270. PDWORD pdwNumReferences
  271. )
  272. {
  273. DWORD dwError = 0;
  274. PIPSEC_ISAKMP_OBJECT pIpsecISAKMPObject = NULL;
  275. LPWSTR * ppszIpsecPolicyReferences = NULL;
  276. DWORD dwNumReferences = 0;
  279. dwError = DirGetISAKMPObject(
  280. hLdapBindHandle,
  281. pszIpsecRootContainer,
  282. ISAKMPIdentifier,
  283. &pIpsecISAKMPObject
  284. );
  285. BAIL_ON_WIN32_ERROR(dwError);
  287. dwError = CopyReferences(
  288. pIpsecISAKMPObject->ppszIpsecNFAReferences,
  289. pIpsecISAKMPObject->dwNFACount,
  290. &ppszIpsecPolicyReferences,
  291. &dwNumReferences
  292. );
  293. BAIL_ON_WIN32_ERROR(dwError);
  295. *pppszIpsecPolicyReferences = ppszIpsecPolicyReferences;
  296. *pdwNumReferences = dwNumReferences;
  298. cleanup:
  300. if (pIpsecISAKMPObject) {
  301. FreeIpsecISAKMPObject(pIpsecISAKMPObject);
  302. }
  304. return (dwError);
  306. error:
  308. *pppszIpsecPolicyReferences = NULL;
  309. *pdwNumReferences = 0;
  311. goto cleanup;
  312. }
  315. DWORD
  316. DirUpdatePolicy(
  317. HLDAP hLdapBindHandle,
  318. LPWSTR pszIpsecRootContainer,
  319. LPWSTR pszIpsecPolicyReference,
  320. DWORD dwDataType
  321. )
  322. {
  323. DWORD dwError = 0;
  324. DWORD dwNumAttributes = 1;
  325. DWORD i = 0;
  326. LDAPModW ** ppLDAPModW = NULL;
  327. LDAPModW * pLDAPModW = NULL;
  328. WCHAR Buffer[64];
  329. DWORD dwIpsecDataType = dwDataType;
  332. Buffer[0] = L'\0';
  334. ppLDAPModW = (LDAPModW **) AllocPolMem(
  335. (dwNumAttributes+1) * sizeof(LDAPModW*)
  336. );
  337. if (!ppLDAPModW) {
  338. dwError = ERROR_OUTOFMEMORY;
  339. BAIL_ON_WIN32_ERROR(dwError);
  340. }
  342. pLDAPModW = (LDAPModW *) AllocPolMem(
  343. dwNumAttributes * sizeof(LDAPModW)
  344. );
  345. if (!pLDAPModW) {
  346. dwError = ERROR_OUTOFMEMORY;
  347. BAIL_ON_WIN32_ERROR(dwError);
  348. }
  350. ppLDAPModW[i] = pLDAPModW + i;
  352. dwError = AllocatePolString(
  353. L"ipsecDataType",
  354. &(pLDAPModW +i)->mod_type
  355. );
  356. BAIL_ON_WIN32_ERROR(dwError);
  358. _itow( dwIpsecDataType, Buffer, 10 );
  360. dwError = AllocateLDAPStringValue(
  361. Buffer,
  362. (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
  363. );
  364. BAIL_ON_WIN32_ERROR(dwError);
  366. (pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
  368. dwError = LdapModifyS(
  369. hLdapBindHandle,
  370. pszIpsecPolicyReference,
  371. ppLDAPModW
  372. );
  373. BAIL_ON_WIN32_ERROR(dwError);
  375. error:
  377. if (ppLDAPModW) {
  378. FreeLDAPModWs(
  379. ppLDAPModW
  380. );
  381. }
  383. return(dwError);
  384. }
  387. DWORD
  388. DirGetPolicyReferencesForNFA(
  389. HLDAP hLdapBindHandle,
  390. LPWSTR pszIpsecRootContainer,
  391. LPWSTR pszNFADistinguishedName,
  392. LPWSTR ** pppszIpsecPolicyReferences,
  393. PDWORD pdwNumReferences
  394. )
  395. {
  396. DWORD dwError = 0;
  397. LPWSTR pszIpsecID = NULL;
  398. GUID NFAIdentifier;
  399. PIPSEC_NFA_OBJECT pIpsecNFAObject = NULL;
  400. LPWSTR * ppszIpsecPolicyReferences = NULL;
  401. DWORD dwNumReferences = 0;
  404. pszIpsecID = wcschr(pszNFADistinguishedName, L'{');
  406. if (!pszIpsecID) {
  407. dwError = ERROR_INVALID_DATA;
  408. BAIL_ON_WIN32_ERROR(dwError);
  409. }
  411. wGUIDFromString(
  412. pszIpsecID,
  413. &NFAIdentifier
  414. );
  416. dwError = DirGetNFAObject(
  417. hLdapBindHandle,
  418. pszIpsecRootContainer,
  419. NFAIdentifier,
  420. &pIpsecNFAObject
  421. );
  422. BAIL_ON_WIN32_ERROR(dwError);
  424. dwError = CopyReferences(
  425. &(pIpsecNFAObject->pszIpsecOwnersReference),
  426. 1,
  427. &ppszIpsecPolicyReferences,
  428. &dwNumReferences
  429. );
  430. BAIL_ON_WIN32_ERROR(dwError);
  432. *pppszIpsecPolicyReferences = ppszIpsecPolicyReferences;
  433. *pdwNumReferences = dwNumReferences;
  435. cleanup:
  437. if (pIpsecNFAObject) {
  438. FreeIpsecNFAObject(pIpsecNFAObject);
  439. }
  441. return (dwError);
  443. error:
  445. *pppszIpsecPolicyReferences = NULL;
  446. *pdwNumReferences = 0;
  448. goto cleanup;
  449. }
  452. DWORD
  453. DirGetNFAReferencesForFilter(
  454. HLDAP hLdapBindHandle,
  455. LPWSTR pszIpsecRootContainer,
  456. GUID FilterIdentifier,
  457. LPWSTR ** pppszIpsecNFAReferences,
  458. PDWORD pdwNumReferences
  459. )
  460. {
  461. DWORD dwError = 0;
  462. PIPSEC_FILTER_OBJECT pIpsecFilterObject = NULL;
  463. LPWSTR * ppszIpsecNFAReferences = NULL;
  464. DWORD dwNumReferences = 0;
  467. dwError = DirGetFilterObject(
  468. hLdapBindHandle,
  469. pszIpsecRootContainer,
  470. FilterIdentifier,
  471. &pIpsecFilterObject
  472. );
  473. BAIL_ON_WIN32_ERROR(dwError);
  475. dwError = CopyReferences(
  476. pIpsecFilterObject->ppszIpsecNFAReferences,
  477. pIpsecFilterObject->dwNFACount,
  478. &ppszIpsecNFAReferences,
  479. &dwNumReferences
  480. );
  481. BAIL_ON_WIN32_ERROR(dwError);
  483. *pppszIpsecNFAReferences = ppszIpsecNFAReferences;
  484. *pdwNumReferences = dwNumReferences;
  486. cleanup:
  488. if (pIpsecFilterObject) {
  489. FreeIpsecFilterObject(pIpsecFilterObject);
  490. }
  492. return (dwError);
  494. error:
  496. *pppszIpsecNFAReferences = NULL;
  497. *pdwNumReferences = 0;
  499. goto cleanup;
  500. }
  503. DWORD
  504. DirUpdateNFA(
  505. HLDAP hLdapBindHandle,
  506. LPWSTR pszIpsecRootContainer,
  507. LPWSTR pszIpsecNFAReference,
  508. DWORD dwDataType
  509. )
  510. {
  511. DWORD dwError = 0;
  512. DWORD dwNumAttributes = 1;
  513. DWORD i = 0;
  514. LDAPModW ** ppLDAPModW = NULL;
  515. LDAPModW * pLDAPModW = NULL;
  516. WCHAR Buffer[64];
  517. DWORD dwIpsecDataType = dwDataType;
  520. Buffer[0] = L'\0';
  522. ppLDAPModW = (LDAPModW **) AllocPolMem(
  523. (dwNumAttributes+1) * sizeof(LDAPModW*)
  524. );
  525. if (!ppLDAPModW) {
  526. dwError = ERROR_OUTOFMEMORY;
  527. BAIL_ON_WIN32_ERROR(dwError);
  528. }
  530. pLDAPModW = (LDAPModW *) AllocPolMem(
  531. dwNumAttributes * sizeof(LDAPModW)
  532. );
  533. if (!pLDAPModW) {
  534. dwError = ERROR_OUTOFMEMORY;
  535. BAIL_ON_WIN32_ERROR(dwError);
  536. }
  538. ppLDAPModW[i] = pLDAPModW + i;
  540. dwError = AllocatePolString(
  541. L"ipsecDataType",
  542. &(pLDAPModW +i)->mod_type
  543. );
  544. BAIL_ON_WIN32_ERROR(dwError);
  546. _itow( dwIpsecDataType, Buffer, 10 );
  548. dwError = AllocateLDAPStringValue(
  549. Buffer,
  550. (PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
  551. );
  552. BAIL_ON_WIN32_ERROR(dwError);
  554. (pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
  556. dwError = LdapModifyS(
  557. hLdapBindHandle,
  558. pszIpsecNFAReference,
  559. ppLDAPModW
  560. );
  561. BAIL_ON_WIN32_ERROR(dwError);
  563. error:
  565. if (ppLDAPModW) {
  566. FreeLDAPModWs(
  567. ppLDAPModW
  568. );
  569. }
  571. return(dwError);
  572. }
  575. DWORD
  576. DirGetNFAReferencesForNegPol(
  577. HLDAP hLdapBindHandle,
  578. LPWSTR pszIpsecRootContainer,
  579. GUID NegPolIdentifier,
  580. LPWSTR ** pppszIpsecNFAReferences,
  581. PDWORD pdwNumReferences
  582. )
  583. {
  584. DWORD dwError = 0;
  585. PIPSEC_NEGPOL_OBJECT pIpsecNegPolObject = NULL;
  586. LPWSTR * ppszIpsecNFAReferences = NULL;
  587. DWORD dwNumReferences = 0;
  590. dwError = DirGetNegPolObject(
  591. hLdapBindHandle,
  592. pszIpsecRootContainer,
  593. NegPolIdentifier,
  594. &pIpsecNegPolObject
  595. );
  596. BAIL_ON_WIN32_ERROR(dwError);
  598. dwError = CopyReferences(
  599. pIpsecNegPolObject->ppszIpsecNFAReferences,
  600. pIpsecNegPolObject->dwNFACount,
  601. &ppszIpsecNFAReferences,
  602. &dwNumReferences
  603. );
  604. BAIL_ON_WIN32_ERROR(dwError);
  606. *pppszIpsecNFAReferences = ppszIpsecNFAReferences;
  607. *pdwNumReferences = dwNumReferences;
  609. cleanup:
  611. if (pIpsecNegPolObject) {
  612. FreeIpsecNegPolObject(pIpsecNegPolObject);
  613. }
  615. return (dwError);
  617. error:
  619. *pppszIpsecNFAReferences = NULL;
  620. *pdwNumReferences = 0;
  622. goto cleanup;
  623. }
  626. DWORD
  627. CopyReferences(
  628. LPWSTR * ppszIpsecReferences,
  629. DWORD dwNumReferences,
  630. LPWSTR ** pppszNewIpsecReferences,
  631. PDWORD pdwNumNewReferences
  632. )
  633. {
  634. DWORD dwError = 0;
  635. LPWSTR * ppszNewIpsecReferences = NULL;
  636. DWORD i = 0;
  637. LPWSTR pszTemp = NULL;
  638. LPWSTR pszString = NULL;
  641. if (!dwNumReferences || !ppszIpsecReferences) {
  642. *pppszNewIpsecReferences = NULL;
  643. *pdwNumNewReferences = 0;
  644. return (dwError);
  645. }
  647. ppszNewIpsecReferences = (LPWSTR *) AllocPolMem(
  648. sizeof(LPWSTR) * dwNumReferences
  649. );
  650. if (!ppszNewIpsecReferences) {
  651. dwError = ERROR_OUTOFMEMORY;
  652. BAIL_ON_WIN32_ERROR(dwError);
  653. }
  655. for (i = 0; i < dwNumReferences; i++) {
  657. pszTemp = *(ppszIpsecReferences + i);
  659. pszString = AllocPolStr(pszTemp);
  661. if (!pszString) {
  662. dwError = ERROR_OUTOFMEMORY;
  663. BAIL_ON_WIN32_ERROR(dwError);
  664. }
  666. *(ppszNewIpsecReferences + i) = pszString;
  668. }
  670. *pppszNewIpsecReferences = ppszNewIpsecReferences;
  671. *pdwNumNewReferences = dwNumReferences;
  673. return (dwError);
  675. error:
  677. if (ppszNewIpsecReferences) {
  678. FreeNFAReferences(
  679. ppszNewIpsecReferences,
  680. i
  681. );
  682. }
  684. *pppszNewIpsecReferences = NULL;
  685. *pdwNumNewReferences = 0;
  687. return (dwError);
  688. }