// define UNICODE for this module so linking works
#ifndef _POL2STORE_H_
#define _POL2STORE_H_
// Default for the tPollingInterval argument of IPSECPolicyToStorage::Open().
// 180 * 60 = 10800; that is three hours if the value is counted in seconds
// (the unit is not stated in this header - confirm against the store).
const time_t P2STORE_DEFAULT_POLLINT = 180 * 60;

// NOTE(review): the severity bit of this HRESULT is clear, so a caller that
// tests the result with FAILED()/SUCCEEDED() will treat it as success.
// Compare against the constant explicitly wherever a missing name must be
// handled as an error.
const HRESULT P2STORE_MISSING_NAME = 0x00000013;

// Storage version wanted by this module, kept as separate major and minor
// values.
const DWORD P2S_MAJOR_VER = 0x00010000;
const DWORD P2S_MINOR_VER = 0x00000000;
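// Wraps a handle to an IPsec policy store together with the policy object
// that is being built in it: Open() picks the store and the policy, the
// Add*/Update*/Set* members fill the policy in, and SetAssignedPolicy()
// makes a policy the assigned one.
//
// NOTE(review): the class holds a raw HANDLE and a raw policy pointer and
// declares a destructor but no copy constructor or assignment operator.
// If the destructor releases either member (not visible in this header),
// copying an instance would release it twice - pass instances by
// reference or pointer.
class IPSECPolicyToStorage
{
public:

    // Construction and destruction only initialize and tear down;
    // Open() must be called before anything useful can be done.
    IPSECPolicyToStorage();
    ~IPSECPolicyToStorage();

    // Opens the location and establishes an IPsec policy to work with.
    //   location, name    - identify the store to open
    //                       (presumably store type and target name - confirm)
    //   szPolicyName      - name of the policy
    //   szDescription     - optional description, NULL by default
    //   tPollingInterval  - defaults to P2STORE_DEFAULT_POLLINT
    //   bUseExisting      - false by default; presumably selects reuse of a
    //                       policy that is already in the store - confirm
    // Returns an HRESULT. P2STORE_MISSING_NAME does not register as a
    // failure under FAILED(), so compare against it explicitly if this
    // call can return it.
    HRESULT
    Open(IN DWORD location,
         IN LPTSTR name,
         IN LPTSTR szPolicyName,
         IN LPTSTR szDescription = NULL,
         IN time_t tPollingInterval = P2STORE_DEFAULT_POLLINT,
         IN bool bUseExisting = false);

    // Adds a rule to the policy.
    HRESULT
    AddRule(IN IPSEC_IKE_POLICY ,
            IN PSTORAGE_INFO pStorageInfo = NULL);

    // Adds the default response rule to the policy.
    HRESULT
    AddDefaultResponseRule( );

    // Associates an ISAKMP policy.
    HRESULT SetISAKMPPolicy(IPSEC_MM_POLICY);

    // Updates the existing rule pRule from IpsecIkePol.
    HRESULT
    UpdateRule(
        IN PIPSEC_NFA_DATA pRule,
        IN IPSEC_IKE_POLICY IpsecIkePol,
        IN PSTORAGE_INFO pStorageInfo = NULL);

    // State accessors.
    bool IsOpen() { return mybIsOpen; }
    bool IsPolicyInStorage() { return mybPolicyExists; }

    // Returns a list of filters built from a filter spec.
    // WILL NOT COMMIT to the storage.
    // (Declared without the redundant IPSECPolicyToStorage:: qualifier,
    // which conforming compilers reject inside the class body.)
    PIPSEC_FILTER_DATA MakeFilters(
        T2P_FILTER *Filters,
        UINT NumFilters,
        LPWSTR);

    // Raw accessors; the returned pointer and handle are the members
    // themselves, not copies.
    PIPSEC_POLICY_DATA GetPolicy() { return myIPSECPolicy; }
    HANDLE GetStorageHandle() { return myPolicyStorage; }

    // Makes p the assigned policy of the open store.
    //
    // Returns ERROR_ACCESS_DENIED when no policy exists in storage,
    // ERROR_INVALID_PARAMETER when p is NULL, and otherwise the result of
    // IPSecAssignPolicy().
    //
    // The policy that is currently assigned (if any) is unassigned first,
    // and the results of the lookup and of the unassign are not checked.
    // If the unassign succeeds and the assign then fails, the store may be
    // left with no assigned policy, so callers must check the return value
    // and must not assume the previous policy is still in force.
    DWORD SetAssignedPolicy(PIPSEC_POLICY_DATA p)
    {
        if (!IsPolicyInStorage())
            return ERROR_ACCESS_DENIED;

        // p is dereferenced for its identifier below; reject NULL instead
        // of faulting.
        if (p == NULL)
            return ERROR_INVALID_PARAMETER;

        PIPSEC_POLICY_DATA pActive = NULL;

        // Best effort: pActive is only used if the call filled it in.
        IPSecGetAssignedPolicyData(myPolicyStorage, &pActive);
        if (pActive)
            IPSecUnassignPolicy(myPolicyStorage, pActive->PolicyIdentifier);

        DWORD dwReturn = IPSecAssignPolicy(myPolicyStorage, p->PolicyIdentifier);

        // if (pActive) IPSecFreePolicyData(pActive);
        // Deliberately left disabled: polstore AVs if something inside the
        // policy is missing. pActive is therefore never released here.

        return dwReturn;
    }

    // Temporary patch: reallocation helper taking the old block, its size
    // and the new size.
    static LPVOID ReallocPolMem (LPVOID pOldMem, DWORD cbOld, DWORD cbNew);

private:
    void TryToCreatePolicy();

    // Builders for the objects that the public Add*/Update* members use.
    PIPSEC_NEGPOL_DATA
    MakeNegotiationPolicy(IPSEC_QM_POLICY IpsPol,
                          LPWSTR);
    PIPSEC_NEGPOL_DATA MakeDefaultResponseNegotiationPolicy ( );

    PIPSEC_NFA_DATA
    MakeRule(IN IPSEC_IKE_POLICY IpsecIkePol, IN PSTORAGE_INFO pStorageInfo = NULL);

    PIPSEC_NFA_DATA MakeDefaultResponseRule ( );

    HANDLE myPolicyStorage;            // handle passed to the IPSec* store calls
    PIPSEC_POLICY_DATA myIPSECPolicy;  // policy returned by GetPolicy()
    bool mybIsOpen;                    // reported by IsOpen()
    bool mybPolicyExists;              // reported by IsPolicyInStorage()
};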
#endif