|
|
/*++
Copyright (c) 1999 Microsoft Corporation
Module Name:
init.h
Abstract:
This module contains all of the code to initialize the variables for the IPSecSPD Service.
Author:
abhisheV 30-September-1999
Environment
User Level: Win32
Revision History:
--*/
#include "precomp.h"
#define SZAPPNAME L"ipsecsvc.dll"
DWORDInitSPDThruRegistry( ){ DWORD dwError = 0; HKEY hKey = NULL; DWORD dwtype = REG_DWORD; DWORD dwsize = sizeof(DWORD); DWORD dwBackwardSoftSA = 0;
dwError = RegOpenKey( HKEY_LOCAL_MACHINE, gpszLocPolicyAgent, &hKey ); if (dwError) { gdwDSConnectivityCheck = DEFAULT_DS_CONNECTIVITY_CHECK; dwError = ERROR_SUCCESS; BAIL_ON_WIN32_SUCCESS(dwError); }
//
// Get DS connectivity check polling interval in minutes.
//
dwError = RegQueryValueEx( hKey, L"DSConnectivityCheck", 0, &dwtype, (unsigned char *) &gdwDSConnectivityCheck, &dwsize ); if (dwError || !gdwDSConnectivityCheck) { gdwDSConnectivityCheck = DEFAULT_DS_CONNECTIVITY_CHECK; dwError = ERROR_SUCCESS; }
//
// Fix for bug 628668: SECURITY: ITG: BUG: IPsec accepts unsecured packet when
// "accept unsecured" not checked. If OldFallBackToClear == 1, then will revert
// to old behavior and plumb inbound pass thru if fall back to clear selected.
// If OldFallBackToClear 0, then will plumb "negotiate security" instead.
//
dwsize = sizeof(DWORD); dwError = RegQueryValueEx( hKey, L"OldFallBackToClear", 0, &dwtype, (unsigned char *) &dwBackwardSoftSA, &dwsize ); if (dwError) { dwBackwardSoftSA = 0; dwError = ERROR_SUCCESS; BAIL_ON_WIN32_SUCCESS(dwError); }
success: gbBackwardSoftSA = dwBackwardSoftSA ? TRUE : FALSE; if (hKey) { RegCloseKey(hKey); }
return (dwError);}
DWORDInitSPDGlobals( ){ DWORD dwError = 0; SECURITY_ATTRIBUTES SecurityAttributes;
dwError = InitializeSPDSecurity(&gpSPDSD); BAIL_ON_WIN32_ERROR(dwError);
InitializeCriticalSection(&gcSPDAuditSection); gbSPDAuditSection = TRUE;
ghIpsecServerModule = GetModuleHandle(SZAPPNAME);
if (!ghIpsecServerModule) { dwError = ERROR_INVALID_HANDLE; BAIL_ON_WIN32_ERROR(dwError); }
memset(&SecurityAttributes, 0, sizeof(SECURITY_ATTRIBUTES));
SecurityAttributes.nLength = sizeof(SecurityAttributes); SecurityAttributes.lpSecurityDescriptor = NULL; SecurityAttributes.bInheritHandle = TRUE;
ghNewDSPolicyEvent = CreateEvent( &SecurityAttributes, TRUE, FALSE, IPSEC_NEW_DS_POLICY_EVENT ); if (!ghNewDSPolicyEvent) { dwError = GetLastError(); BAIL_ON_WIN32_ERROR(dwError); }
ghNewLocalPolicyEvent = CreateEvent( &SecurityAttributes, TRUE, FALSE, NULL ); if (!ghNewLocalPolicyEvent) { dwError = GetLastError(); BAIL_ON_WIN32_ERROR(dwError); }
ghForcedPolicyReloadEvent = CreateEvent( &SecurityAttributes, TRUE, FALSE, NULL ); if (!ghForcedPolicyReloadEvent) { dwError = GetLastError(); BAIL_ON_WIN32_ERROR(dwError); }
//
// IPSEC_POLICY_CHANGE_NOTIFY is defined in ipsec.h.
//
ghPolicyChangeNotifyEvent = CreateEvent( NULL, TRUE, FALSE, IPSEC_POLICY_CHANGE_NOTIFY ); if (!ghPolicyChangeNotifyEvent) { dwError = GetLastError(); BAIL_ON_WIN32_ERROR(dwError); }
ghServiceStopEvent = CreateEvent( &SecurityAttributes, TRUE, FALSE, NULL ); if (!ghServiceStopEvent) { dwError = GetLastError(); BAIL_ON_WIN32_ERROR(dwError); }
InitializeCriticalSection(&gcServerListenSection);
gbServerListenSection = TRUE;
gdwServersListening = 0;
InitializeCriticalSection(&gcSPDSection);
gbSPDSection = TRUE;
dwError = InitializeInterfaceChangeEvent(); BAIL_ON_WIN32_ERROR(dwError);
dwError = ResetInterfaceChangeEvent(); BAIL_ON_WIN32_ERROR(dwError);
error:
return (dwError);}
|
