Source code of Windows XP (NT5)

//----------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 2000.
//
// File: filters-d.c
//
// Contents: Filter Management for directory.
//
//
// History: KrishnaG
// AbhisheV
//
//----------------------------------------------------------------------------
#include "precomp.h"
// Attribute-name table defined in another file. In this file it is only
// passed to LdapSearchST (presumably as the list of attributes to return
// for each ipsecFilter entry - confirm against the LdapSearchST wrapper).
extern LPWSTR FilterDNAttributes[];
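//
// DirEnumFilterData
//
// Enumerates the filter objects under pszIpsecRootContainer with
// DirEnumFilterObjects and converts each one with DirUnmarshallFilterData.
//
// Parameters:
//   hLdapBindHandle        - LDAP handle, passed through to the enumeration.
//   pszIpsecRootContainer  - container to enumerate.
//   pppIpsecFilterData     - receives the array of converted filters, or
//                            NULL when nothing was converted or on failure.
//   pdwNumFilterObjects    - receives the number of valid array entries.
//
// Returns ERROR_SUCCESS, the error from DirEnumFilterObjects, or
// ERROR_OUTOFMEMORY.
//
// Objects that fail to unmarshal are skipped without any error being
// reported, so a caller can receive fewer filters than the directory holds
// and cannot tell that from the return value.
//
DWORD
DirEnumFilterData(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_DATA ** pppIpsecFilterData,
    PDWORD pdwNumFilterObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_FILTER_OBJECT * ppIpsecFilterObjects = NULL;
    PIPSEC_FILTER_DATA pIpsecFilterData = NULL;
    PIPSEC_FILTER_DATA * ppIpsecFilterData = NULL;
    DWORD dwNumFilterObjects = 0;
    DWORD i = 0;
    DWORD j = 0;

    dwError = DirEnumFilterObjects(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    &ppIpsecFilterObjects,
                    &dwNumFilterObjects
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    if (dwNumFilterObjects) {
        ppIpsecFilterData = (PIPSEC_FILTER_DATA *) AllocPolMem(
                                dwNumFilterObjects*sizeof(PIPSEC_FILTER_DATA)
                                );
        if (!ppIpsecFilterData) {
            dwError = ERROR_OUTOFMEMORY;
            BAIL_ON_WIN32_ERROR(dwError);
        }
    }

    // i walks the directory objects, j counts the ones that converted.
    for (i = 0; i < dwNumFilterObjects; i++) {

        dwError = DirUnmarshallFilterData(
                        *(ppIpsecFilterObjects + i),
                        &pIpsecFilterData
                        );
        if (!dwError) {
            *(ppIpsecFilterData + j) = pIpsecFilterData;
            j++;
        }
    }

    // Nothing converted: hand back NULL rather than an empty array.
    if (j == 0) {
        if (ppIpsecFilterData) {
            FreePolMem(ppIpsecFilterData);
            ppIpsecFilterData = NULL;
        }
    }

    *pppIpsecFilterData = ppIpsecFilterData;
    *pdwNumFilterObjects = j;

    // Per-object conversion failures are deliberately not propagated.
    dwError = ERROR_SUCCESS;

cleanup:

    if (ppIpsecFilterObjects) {
        FreeIpsecFilterObjects(
            ppIpsecFilterObjects,
            dwNumFilterObjects
            );
    }

    return(dwError);

error:

    if (ppIpsecFilterData) {
        // Only the first j slots hold converted filters. The original passed
        // the loop index i here, which can exceed j when some objects were
        // skipped and would make the free routine walk unfilled slots.
        FreeMulIpsecFilterData(
            ppIpsecFilterData,
            j
            );
    }

    *pppIpsecFilterData = NULL;
    *pdwNumFilterObjects = 0;

    goto cleanup;
}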
//
// DirEnumFilterObjects
//
// Runs a one-level LDAP search for ipsecFilter entries under
// pszIpsecRootContainer and unmarshals each returned entry into an
// IPSEC_FILTER_OBJECT.
//
// On success *pppIpsecFilterObjects receives the array and
// *pdwNumFilterObjects the number of entries that unmarshalled. Entries
// that fail to unmarshal are skipped silently, so the count may be lower
// than the number of entries the search returned (and may be zero while
// the array pointer is still non-NULL).
//
// Returns ERROR_DS_NO_ATTRIBUTE_OR_VALUE when the search yields no entries,
// ERROR_OUTOFMEMORY on allocation failure, or the error from the query
// builder or the LDAP wrappers. On failure both outputs are cleared.
//
DWORD
DirEnumFilterObjects(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_OBJECT ** pppIpsecFilterObjects,
    PDWORD pdwNumFilterObjects
    )
{
    DWORD dwError = 0;
    LPWSTR pszQuery = NULL;
    LDAPMessage *pResult = NULL;
    LDAPMessage *pEntry = NULL;
    DWORD cEntries = 0;
    DWORD cReturned = 0;
    DWORD idx = 0;
    PIPSEC_FILTER_OBJECT pObject = NULL;
    PIPSEC_FILTER_OBJECT * ppObjects = NULL;

    dwError = GenerateAllFiltersQuery(&pszQuery);
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = LdapSearchST(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    LDAP_SCOPE_ONELEVEL,
                    pszQuery,
                    FilterDNAttributes,
                    0,
                    NULL,
                    &pResult
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    cEntries = LdapCountEntries(hLdapBindHandle, pResult);
    if (cEntries == 0) {
        dwError = ERROR_DS_NO_ATTRIBUTE_OR_VALUE;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    ppObjects = (PIPSEC_FILTER_OBJECT *)AllocPolMem(
                    sizeof(PIPSEC_FILTER_OBJECT)*cEntries
                    );
    if (ppObjects == NULL) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    for (idx = 0; idx < cEntries; idx++) {

        // The first entry comes from the result message, every later one
        // from the entry fetched on the previous iteration.
        dwError = (idx == 0)
                    ? LdapFirstEntry(hLdapBindHandle, pResult, &pEntry)
                    : LdapNextEntry(hLdapBindHandle, pEntry, &pEntry);
        BAIL_ON_WIN32_ERROR(dwError);

        dwError = UnMarshallFilterObject(
                        hLdapBindHandle,
                        pEntry,
                        &pObject
                        );
        if (dwError != ERROR_SUCCESS) {
            // Best effort: an entry that cannot be unmarshalled is dropped.
            continue;
        }

        ppObjects[cReturned] = pObject;
        cReturned++;
    }

    *pppIpsecFilterObjects = ppObjects;
    *pdwNumFilterObjects = cReturned;

    // A failure on the last entry must not leak out as the return value.
    dwError = ERROR_SUCCESS;

cleanup:

    if (pszQuery != NULL) {
        FreePolMem(pszQuery);
    }

    if (pResult != NULL) {
        LdapMsgFree(pResult);
    }

    return dwError;

error:

    if (ppObjects != NULL) {
        FreeIpsecFilterObjects(ppObjects, cReturned);
    }

    *pppIpsecFilterObjects = NULL;
    *pdwNumFilterObjects = 0;

    goto cleanup;
}
//
// DirSetFilterData
//
// Updates a filter in the directory in three steps: marshal
// pIpsecFilterData into a directory object, write it with
// DirSetFilterObject, then call DirBackPropIncChangesForFilterToNFA with
// the filter's identifier.
//
// The steps are not transactional. If the back-propagation call fails, its
// error is returned even though the filter object has already been
// written to the directory.
//
// Returns 0 on success or the first error encountered.
//
DWORD
DirSetFilterData(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_DATA pIpsecFilterData
    )
{
    PIPSEC_FILTER_OBJECT pFilterObject = NULL;
    DWORD dwError = 0;

    dwError = DirMarshallFilterObject(
                    pIpsecFilterData,
                    pszIpsecRootContainer,
                    &pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = DirSetFilterObject(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = DirBackPropIncChangesForFilterToNFA(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    pIpsecFilterData->FilterIdentifier
                    );
    BAIL_ON_WIN32_ERROR(dwError);

error:

    // Shared exit for success and failure: the marshalled object is
    // temporary either way.
    if (pFilterObject != NULL) {
        FreeIpsecFilterObject(pFilterObject);
    }

    return dwError;
}
//
// DirSetFilterObject
//
// Writes an already marshalled filter object to the directory: builds the
// modification list with DirMarshallSetFilterObject and applies it to the
// entry named by pIpsecFilterObject->pszDistinguishedName via LdapModifyS.
//
// Returns 0 on success or the error from either step.
//
DWORD
DirSetFilterObject(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_OBJECT pIpsecFilterObject
    )
{
    LDAPModW ** ppMods = NULL;
    DWORD dwError = 0;

    dwError = DirMarshallSetFilterObject(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    pIpsecFilterObject,
                    &ppMods
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = LdapModifyS(
                    hLdapBindHandle,
                    pIpsecFilterObject->pszDistinguishedName,
                    ppMods
                    );
    BAIL_ON_WIN32_ERROR(dwError);

error:

    // The modification list is released on every path.
    if (ppMods != NULL) {
        FreeLDAPModWs(ppMods);
    }

    return dwError;
}
//
// DirCreateFilterData
//
// Creates a new filter in the directory: marshals pIpsecFilterData into a
// directory object and adds it with DirCreateFilterObject.
//
// Returns 0 on success or the error from either step.
//
DWORD
DirCreateFilterData(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_DATA pIpsecFilterData
    )
{
    PIPSEC_FILTER_OBJECT pFilterObject = NULL;
    DWORD dwError = 0;

    dwError = DirMarshallFilterObject(
                    pIpsecFilterData,
                    pszIpsecRootContainer,
                    &pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = DirCreateFilterObject(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

error:

    // Reached on success as well; the marshalled object is only a
    // temporary carrier for the add request.
    if (pFilterObject != NULL) {
        FreeIpsecFilterObject(pFilterObject);
    }

    return dwError;
}
//
// DirCreateFilterObject
//
// Adds an already marshalled filter object to the directory: builds the
// attribute list with DirMarshallAddFilterObject and submits it through
// LdapAddS under pIpsecFilterObject->pszDistinguishedName.
//
// Returns 0 on success or the error from either step.
//
DWORD
DirCreateFilterObject(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_OBJECT pIpsecFilterObject
    )
{
    LDAPModW ** ppMods = NULL;
    DWORD dwError = 0;

    dwError = DirMarshallAddFilterObject(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    pIpsecFilterObject,
                    &ppMods
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = LdapAddS(
                    hLdapBindHandle,
                    pIpsecFilterObject->pszDistinguishedName,
                    ppMods
                    );
    BAIL_ON_WIN32_ERROR(dwError);

error:

    // The attribute list is released on every path.
    if (ppMods != NULL) {
        FreeLDAPModWs(ppMods);
    }

    return dwError;
}
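//
// DirDeleteFilterData
//
// Deletes the directory entry
//     CN=ipsecFilter{<FilterIdentifier>},<pszIpsecRootContainer>
// through LdapDeleteS.
//
// Parameters:
//   hLdapBindHandle        - LDAP handle used for the delete.
//   pszIpsecRootContainer  - DN of the container holding the filter.
//   FilterIdentifier       - GUID of the filter to delete.
//
// Returns 0 on success, ERROR_INVALID_PARAMETER when the container is NULL
// or the resulting DN would not fit in the MAX_PATH stack buffer, or the
// error from UuidToString / LdapDeleteS.
//
DWORD
DirDeleteFilterData(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    GUID FilterIdentifier
    )
{
    DWORD dwError = ERROR_SUCCESS;
    WCHAR szGuid[MAX_PATH];
    WCHAR szDistinguishedName[MAX_PATH];
    LPWSTR pszStringUuid = NULL;
    size_t cchFixed = 0;

    szGuid[0] = L'\0';
    szDistinguishedName[0] = L'\0';

    if (!pszIpsecRootContainer) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = UuidToString(
                    &FilterIdentifier,
                    &pszStringUuid
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    //
    // The DN is assembled with wcscpy/wcscat into fixed MAX_PATH buffers and
    // the container DN is caller supplied, so check the total length before
    // copying anything. cchFixed is everything except the container:
    // "CN=ipsecFilter" + "{" + uuid + "}" + ",". Keeping cchFixed below
    // MAX_PATH also guarantees that szGuid cannot overflow.
    //
    cchFixed = wcslen(L"CN=ipsecFilter") + wcslen(L"{") +
               wcslen(pszStringUuid) + wcslen(L"}") + wcslen(L",");

    if (cchFixed >= MAX_PATH ||
        wcslen(pszIpsecRootContainer) >= MAX_PATH - cchFixed) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    wcscpy(szGuid, L"{");
    wcscat(szGuid, pszStringUuid);
    wcscat(szGuid, L"}");

    wcscpy(szDistinguishedName,L"CN=ipsecFilter");
    wcscat(szDistinguishedName, szGuid);
    wcscat(szDistinguishedName, L",");
    wcscat(szDistinguishedName, pszIpsecRootContainer);

    dwError = LdapDeleteS(
                    hLdapBindHandle,
                    szDistinguishedName
                    );
    BAIL_ON_WIN32_ERROR(dwError);

error:

    if (pszStringUuid) {
        RpcStringFree(&pszStringUuid);
    }

    return(dwError);
}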
//
// DirMarshallAddFilterObject
//
// Builds the LDAPModW array describing a new ipsecFilter entry from
// pIpsecFilterObject. In this file the result is passed to LdapAddS by
// DirCreateFilterObject.
//
// Attributes emitted, in order: objectClass, ipsecName (only when
// non-empty), ipsecID, ipsecDataType, ipsecData (binary), description
// (only when non-empty).
//
// hLdapBindHandle and pszIpsecRootContainer are not referenced in the body.
//
// On success *pppLDAPModW receives the array and 0 is returned. On failure
// whatever was built is released with FreeLDAPModWs, *pppLDAPModW is set
// to NULL and the error code is returned.
//
// NOTE(review): the code ORs into mod_op and never writes the last pointer
// slot, so it appears to depend on AllocPolMem returning zero-filled memory
// (zero mod_op, NULL terminator) - confirm.
//
DWORD
DirMarshallAddFilterObject(
HLDAP hLdapBindHandle,
LPWSTR pszIpsecRootContainer,
PIPSEC_FILTER_OBJECT pIpsecFilterObject,
LDAPModW *** pppLDAPModW
)
{
DWORD i = 0;
LDAPModW ** ppLDAPModW = NULL;
LDAPModW * pLDAPModW = NULL;
// Upper bound; reduced below for each optional attribute that is absent.
DWORD dwNumAttributes = 6;
DWORD dwError = 0;
// Scratch space for the decimal text of dwIpsecDataType.
WCHAR Buffer[64];
// A NULL or empty name is not sent at all.
if (!pIpsecFilterObject->pszIpsecName ||
!*pIpsecFilterObject->pszIpsecName) {
dwNumAttributes--;
}
// Same rule for the description.
if (!pIpsecFilterObject->pszDescription ||
!*pIpsecFilterObject->pszDescription) {
dwNumAttributes--;
}
// Pointer array with one slot more than there are attributes.
ppLDAPModW = (LDAPModW **) AllocPolMem(
(dwNumAttributes+1) * sizeof(LDAPModW*)
);
if (!ppLDAPModW) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
// One contiguous block of LDAPModW records; ppLDAPModW[i] points into it.
pLDAPModW = (LDAPModW *) AllocPolMem(
dwNumAttributes * sizeof(LDAPModW)
);
if (!pLDAPModW) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
//
// 0. objectClass - fixed value "ipsecFilter"
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"objectClass",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
L"ipsecFilter",
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 1. ipsecName - optional, same test as the count adjustment above
//
if (pIpsecFilterObject->pszIpsecName &&
*pIpsecFilterObject->pszIpsecName) {
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecName",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszIpsecName,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 2. ipsecID - passed on without a NULL check
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecID",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszIpsecID,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 3. ipsecDataType - sent as a base-10 string
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecDataType",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
_itow( pIpsecFilterObject->dwIpsecDataType, Buffer, 10 );
dwError = AllocateLDAPStringValue(
Buffer,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 4. ipsecData - binary blob of dwIpsecDataLen bytes
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecData",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPBinaryValue(
pIpsecFilterObject->pIpsecData,
pIpsecFilterObject->dwIpsecDataLen,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
// Assigned rather than ORed: LDAP_MOD_BVALUES marks the value as binary.
(pLDAPModW+i)->mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
i++;
//
// 5. description - optional, same test as the count adjustment above
//
if (pIpsecFilterObject->pszDescription &&
*pIpsecFilterObject->pszDescription) {
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"description",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszDescription,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
// Success: the caller now holds the array.
*pppLDAPModW = ppLDAPModW;
return(dwError);
error:
// Release whatever was built so far and clear the output.
if (ppLDAPModW) {
FreeLDAPModWs(
ppLDAPModW
);
}
*pppLDAPModW = NULL;
return(dwError);
}
//
// DirMarshallSetFilterObject
//
// Builds the LDAPModW array used to update an existing ipsecFilter entry
// from pIpsecFilterObject. In this file the result is passed to
// LdapModifyS by DirSetFilterObject.
//
// Attributes emitted, in order: ipsecName (only when non-empty), ipsecID,
// ipsecDataType, ipsecData (binary), description (only when non-empty).
// Unlike the add variant, objectClass is not included.
//
// An empty name or description is left out of the list rather than sent
// as a delete, so this routine does not clear a value already stored on
// the entry.
//
// hLdapBindHandle and pszIpsecRootContainer are not referenced in the body.
//
// On success *pppLDAPModW receives the array and 0 is returned. On failure
// whatever was built is released with FreeLDAPModWs, *pppLDAPModW is set
// to NULL and the error code is returned.
//
// NOTE(review): the code ORs into mod_op and never writes the last pointer
// slot, so it appears to depend on AllocPolMem returning zero-filled memory
// (zero mod_op, NULL terminator) - confirm.
//
DWORD
DirMarshallSetFilterObject(
HLDAP hLdapBindHandle,
LPWSTR pszIpsecRootContainer,
PIPSEC_FILTER_OBJECT pIpsecFilterObject,
LDAPModW *** pppLDAPModW
)
{
DWORD i = 0;
LDAPModW ** ppLDAPModW = NULL;
LDAPModW * pLDAPModW = NULL;
// Upper bound; reduced below for each optional attribute that is absent.
DWORD dwNumAttributes = 5;
DWORD dwError = 0;
// Scratch space for the decimal text of dwIpsecDataType.
WCHAR Buffer[64];
// A NULL or empty name is not sent at all.
if (!pIpsecFilterObject->pszIpsecName ||
!*pIpsecFilterObject->pszIpsecName) {
dwNumAttributes--;
}
// Same rule for the description.
if (!pIpsecFilterObject->pszDescription ||
!*pIpsecFilterObject->pszDescription) {
dwNumAttributes--;
}
// Pointer array with one slot more than there are attributes.
ppLDAPModW = (LDAPModW **) AllocPolMem(
(dwNumAttributes+1) * sizeof(LDAPModW*)
);
if (!ppLDAPModW) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
// One contiguous block of LDAPModW records; ppLDAPModW[i] points into it.
pLDAPModW = (LDAPModW *) AllocPolMem(
dwNumAttributes * sizeof(LDAPModW)
);
if (!pLDAPModW) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
//
// 1. ipsecName - optional, same test as the count adjustment above
//
if (pIpsecFilterObject->pszIpsecName &&
*pIpsecFilterObject->pszIpsecName) {
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecName",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszIpsecName,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
//
// 2. ipsecID - passed on without a NULL check
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecID",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszIpsecID,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 3. ipsecDataType - sent as a base-10 string
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecDataType",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
_itow( pIpsecFilterObject->dwIpsecDataType, Buffer, 10 );
dwError = AllocateLDAPStringValue(
Buffer,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
//
// 4. ipsecData - binary blob of dwIpsecDataLen bytes
//
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"ipsecData",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPBinaryValue(
pIpsecFilterObject->pIpsecData,
pIpsecFilterObject->dwIpsecDataLen,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
// Assigned rather than ORed: LDAP_MOD_BVALUES marks the value as binary.
(pLDAPModW+i)->mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
i++;
//
// 5. description - optional, same test as the count adjustment above
//
if (pIpsecFilterObject->pszDescription &&
*pIpsecFilterObject->pszDescription) {
ppLDAPModW[i] = pLDAPModW + i;
dwError = AllocatePolString(
L"description",
&(pLDAPModW +i)->mod_type
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = AllocateLDAPStringValue(
pIpsecFilterObject->pszDescription,
(PLDAPOBJECT *)&(pLDAPModW +i)->mod_values
);
BAIL_ON_WIN32_ERROR(dwError);
(pLDAPModW + i)->mod_op |= LDAP_MOD_REPLACE;
i++;
}
// Success: the caller now holds the array.
*pppLDAPModW = ppLDAPModW;
return(dwError);
error:
// Release whatever was built so far and clear the output.
if (ppLDAPModW) {
FreeLDAPModWs(
ppLDAPModW
);
}
*pppLDAPModW = NULL;
return(dwError);
}
//
// GenerateAllFiltersQuery
//
// Returns a freshly allocated copy of the constant LDAP search filter
// "(objectclass=ipsecFilter)" in *ppszFilterString. Callers in this file
// release it with FreePolMem.
//
// Returns 0 on success; on allocation failure returns ERROR_OUTOFMEMORY
// and sets *ppszFilterString to NULL.
//
DWORD
GenerateAllFiltersQuery(
    LPWSTR * ppszFilterString
    )
{
    LPWSTR pszQuery = NULL;
    DWORD cchQuery = 0;
    DWORD dwError = 0;

    // Size the buffer from the literal itself, plus room for the terminator.
    cchQuery = wcslen(L"(objectclass=ipsecFilter)");

    pszQuery = (LPWSTR) AllocPolMem((cchQuery + 1)*sizeof(WCHAR));
    if (pszQuery == NULL) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    wcscpy(pszQuery, L"(objectclass=ipsecFilter)");

    *ppszFilterString = pszQuery;

    return(0);

error:

    if (pszQuery != NULL) {
        FreePolMem(pszQuery);
    }

    *ppszFilterString = NULL;

    return dwError;
}
//
// DirUnmarshallFilterData
//
// Directory-flavoured entry point that forwards to UnmarshallFilterObject
// unchanged and returns its result.
//
DWORD
DirUnmarshallFilterData(
    PIPSEC_FILTER_OBJECT pIpsecFilterObject,
    PIPSEC_FILTER_DATA * ppIpsecFilterData
    )
{
    return UnmarshallFilterObject(pIpsecFilterObject, ppIpsecFilterData);
}
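//
// DirMarshallFilterObject
//
// Converts an IPSEC_FILTER_DATA into the IPSEC_FILTER_OBJECT form that is
// written to the directory.
//
// Parameters:
//   pIpsecFilterData       - filter to marshal.
//   pszIpsecRootContainer  - DN of the container; it becomes the suffix of
//                            the object's distinguished name.
//   ppIpsecFilterObject    - receives the new object, or NULL on failure.
//                            Callers in this file release it with
//                            FreeIpsecFilterObject.
//
// Returns 0 on success, ERROR_INVALID_PARAMETER when the container is NULL
// or the distinguished name would not fit in the MAX_PATH stack buffer,
// ERROR_OUTOFMEMORY, or the error from UuidToString / MarshallFilterBuffer.
//
// NOTE(review): the error path frees a partly filled object, so the code
// appears to rely on AllocPolMem returning zero-filled memory - confirm.
//
DWORD
DirMarshallFilterObject(
    PIPSEC_FILTER_DATA pIpsecFilterData,
    LPWSTR pszIpsecRootContainer,
    PIPSEC_FILTER_OBJECT * ppIpsecFilterObject
    )
{
    DWORD dwError = 0;
    PIPSEC_FILTER_OBJECT pIpsecFilterObject = NULL;
    WCHAR szGuid[MAX_PATH];
    WCHAR szDistinguishedName[MAX_PATH];
    LPBYTE pBuffer = NULL;
    DWORD dwBufferLen = 0;
    LPWSTR pszStringUuid = NULL;
    size_t cchFixed = 0;

    szGuid[0] = L'\0';
    szDistinguishedName[0] = L'\0';

    if (!pszIpsecRootContainer) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pIpsecFilterObject = (PIPSEC_FILTER_OBJECT)AllocPolMem(
                                sizeof(IPSEC_FILTER_OBJECT)
                                );
    if (!pIpsecFilterObject) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = UuidToString(
                    &pIpsecFilterData->FilterIdentifier,
                    &pszStringUuid
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    //
    // The DN is assembled with wcscpy/wcscat into fixed MAX_PATH buffers and
    // the container DN is caller supplied, so check the total length before
    // copying anything. cchFixed is everything except the container:
    // "CN=ipsecFilter" + "{" + uuid + "}" + ",". Keeping cchFixed below
    // MAX_PATH also guarantees that szGuid cannot overflow.
    //
    cchFixed = wcslen(L"CN=ipsecFilter") + wcslen(L"{") +
               wcslen(pszStringUuid) + wcslen(L"}") + wcslen(L",");

    if (cchFixed >= MAX_PATH ||
        wcslen(pszIpsecRootContainer) >= MAX_PATH - cchFixed) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    wcscpy(szGuid, L"{");
    wcscat(szGuid, pszStringUuid);
    wcscat(szGuid, L"}");

    //
    // Fill in the distinguishedName
    //
    wcscpy(szDistinguishedName,L"CN=ipsecFilter");
    wcscat(szDistinguishedName, szGuid);
    wcscat(szDistinguishedName, L",");
    wcscat(szDistinguishedName, pszIpsecRootContainer);

    pIpsecFilterObject->pszDistinguishedName = AllocPolStr(
                                                    szDistinguishedName
                                                    );
    if (!pIpsecFilterObject->pszDistinguishedName) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    //
    // Fill in the ipsecName (left unset when NULL or empty)
    //
    if (pIpsecFilterData->pszIpsecName &&
        *pIpsecFilterData->pszIpsecName) {

        pIpsecFilterObject->pszIpsecName = AllocPolStr(
                                                pIpsecFilterData->pszIpsecName
                                                );
        if (!pIpsecFilterObject->pszIpsecName) {
            dwError = ERROR_OUTOFMEMORY;
            BAIL_ON_WIN32_ERROR(dwError);
        }
    }

    //
    // Fill in the description (left unset when NULL or empty)
    //
    if (pIpsecFilterData->pszDescription &&
        *pIpsecFilterData->pszDescription) {

        pIpsecFilterObject->pszDescription = AllocPolStr(
                                                pIpsecFilterData->pszDescription
                                                );
        if (!pIpsecFilterObject->pszDescription) {
            dwError = ERROR_OUTOFMEMORY;
            BAIL_ON_WIN32_ERROR(dwError);
        }
    }

    //
    // Fill in the ipsecID (the braced GUID string)
    //
    pIpsecFilterObject->pszIpsecID = AllocPolStr(
                                        szGuid
                                        );
    if (!pIpsecFilterObject->pszIpsecID) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    //
    // Fill in the ipsecDataType
    //
    pIpsecFilterObject->dwIpsecDataType = 0x100;

    //
    // Marshall the pIpsecDataBuffer and the Length
    //
    dwError = MarshallFilterBuffer(
                    pIpsecFilterData,
                    &pBuffer,
                    &dwBufferLen
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    // The object takes over the marshalled buffer.
    pIpsecFilterObject->pIpsecData = pBuffer;
    pIpsecFilterObject->dwIpsecDataLen = dwBufferLen;

    pIpsecFilterObject->dwWhenChanged = 0;

    *ppIpsecFilterObject = pIpsecFilterObject;

cleanup:

    if (pszStringUuid) {
        RpcStringFree(
            &pszStringUuid
            );
    }

    return(dwError);

error:

    if (pIpsecFilterObject) {
        FreeIpsecFilterObject(
            pIpsecFilterObject
            );
    }

    *ppIpsecFilterObject = NULL;

    goto cleanup;
}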
//
// DirGetFilterData
//
// Fetches the filter identified by FilterGUID from the directory with
// DirGetFilterObject and converts it with DirUnmarshallFilterData.
//
// On success *ppIpsecFilterData receives the converted filter. On failure
// it is set to NULL and the error from the failing step is returned. The
// intermediate directory object is released on every path.
//
DWORD
DirGetFilterData(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    GUID FilterGUID,
    PIPSEC_FILTER_DATA * ppIpsecFilterData
    )
{
    PIPSEC_FILTER_DATA pFilterData = NULL;
    PIPSEC_FILTER_OBJECT pFilterObject = NULL;
    DWORD dwError = 0;

    dwError = DirGetFilterObject(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    FilterGUID,
                    &pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = DirUnmarshallFilterData(pFilterObject, &pFilterData);
    BAIL_ON_WIN32_ERROR(dwError);

    *ppIpsecFilterData = pFilterData;

cleanup:

    if (pFilterObject != NULL) {
        FreeIpsecFilterObject(pFilterObject);
    }

    return dwError;

error:

    *ppIpsecFilterData = NULL;

    goto cleanup;
}
//
// DirGetFilterObject
//
// Looks up a single ipsecFilter entry by GUID: builds the query with
// GenerateSpecificFilterQuery, runs a one-level search under
// pszIpsecRootContainer and unmarshals the first entry returned. Any
// further entries in the result are ignored.
//
// On success *ppIpsecFilterObject receives the object. Returns
// ERROR_DS_NO_ATTRIBUTE_OR_VALUE when the search yields no entries, or the
// error from the failing step; on failure the output is set to NULL.
//
DWORD
DirGetFilterObject(
    HLDAP hLdapBindHandle,
    LPWSTR pszIpsecRootContainer,
    GUID FilterGUID,
    PIPSEC_FILTER_OBJECT * ppIpsecFilterObject
    )
{
    DWORD dwError = 0;
    DWORD cEntries = 0;
    LPWSTR pszQuery = NULL;
    LDAPMessage * pResult = NULL;
    LDAPMessage * pEntry = NULL;
    PIPSEC_FILTER_OBJECT pFilterObject = NULL;

    dwError = GenerateSpecificFilterQuery(FilterGUID, &pszQuery);
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = LdapSearchST(
                    hLdapBindHandle,
                    pszIpsecRootContainer,
                    LDAP_SCOPE_ONELEVEL,
                    pszQuery,
                    FilterDNAttributes,
                    0,
                    NULL,
                    &pResult
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    cEntries = LdapCountEntries(hLdapBindHandle, pResult);
    if (cEntries == 0) {
        dwError = ERROR_DS_NO_ATTRIBUTE_OR_VALUE;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = LdapFirstEntry(hLdapBindHandle, pResult, &pEntry);
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = UnMarshallFilterObject(
                    hLdapBindHandle,
                    pEntry,
                    &pFilterObject
                    );
    BAIL_ON_WIN32_ERROR(dwError);

    *ppIpsecFilterObject = pFilterObject;

    dwError = ERROR_SUCCESS;

cleanup:

    // The query string and the search result are temporary on every path.
    if (pszQuery != NULL) {
        FreePolMem(pszQuery);
    }

    if (pResult != NULL) {
        LdapMsgFree(pResult);
    }

    return dwError;

error:

    if (pFilterObject != NULL) {
        FreeIpsecFilterObject(pFilterObject);
    }

    *ppIpsecFilterObject = NULL;

    goto cleanup;
}
//
// GenerateSpecificFilterQuery
//
// Builds the LDAP search filter
//     (&(objectclass=ipsecFilter)(cn=ipsecFilter{<uuid>}))
// for one filter and returns it in a newly allocated string. Callers in
// this file release it with FreePolMem.
//
// The only variable part of the filter is the text UuidToString produces
// from FilterIdentifier; no caller-supplied string is spliced into it.
//
// Returns 0 on success, the error from UuidToString, or ERROR_OUTOFMEMORY.
// On failure *ppszFilterString is set to NULL.
//
DWORD
GenerateSpecificFilterQuery(
    GUID FilterIdentifier,
    LPWSTR * ppszFilterString
    )
{
    DWORD dwError = ERROR_SUCCESS;
    DWORD cchQuery = 0;
    LPWSTR pszUuid = NULL;
    LPWSTR pszQuery = NULL;
    WCHAR szGuid[MAX_PATH];
    WCHAR szCommonName[MAX_PATH];

    szGuid[0] = L'\0';
    szCommonName[0] = L'\0';

    dwError = UuidToString(&FilterIdentifier, &pszUuid);
    BAIL_ON_WIN32_ERROR(dwError);

    // "{<uuid>}"
    wcscpy(szGuid, L"{");
    wcscat(szGuid, pszUuid);
    wcscat(szGuid, L"}");

    // "cn=ipsecFilter{<uuid>}"
    wcscpy(szCommonName, L"cn=ipsecFilter");
    wcscat(szCommonName, szGuid);

    // Length of every piece written below, terminator added at allocation.
    cchQuery = (DWORD)(wcslen(L"(&(objectclass=ipsecFilter)") +
                       wcslen(L"(") +
                       wcslen(szCommonName) +
                       wcslen(L"))"));

    pszQuery = (LPWSTR) AllocPolMem((cchQuery + 1)*sizeof(WCHAR));
    if (pszQuery == NULL) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    wcscpy(pszQuery, L"(&(objectclass=ipsecFilter)");
    wcscat(pszQuery, L"(");
    wcscat(pszQuery, szCommonName);
    wcscat(pszQuery, L"))");

    *ppszFilterString = pszQuery;

cleanup:

    if (pszUuid != NULL) {
        RpcStringFree(&pszUuid);
    }

    return dwError;

error:

    if (pszQuery != NULL) {
        FreePolMem(pszQuery);
    }

    *ppszFilterString = NULL;

    goto cleanup;
}