#include "precomp.h"
/*
 * Registry path of the local IPsec policy container. RegOpenPolicyStore opens
 * it under HKEY_LOCAL_MACHINE (local or remote) and stores a copy in the
 * policy store. It points at a string literal, so treat it as read-only.
 */
LPWSTR gpszIpsecRegRootContainer = L"SOFTWARE\\Policies\\Microsoft\\Windows\\IPSec\\Policy\\Local";
/*
 * Registry path used for file-provider stores. FileOpenPolicyStore creates or
 * opens it under HKEY_LOCAL_MACHINE and stores a copy in the policy store.
 * It points at a string literal, so treat it as read-only.
 */
LPWSTR gpszIpsecFileRootContainer = L"SOFTWARE\\Policies\\Microsoft\\Windows\\IPSec\\Policy\\Save";
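/*
 * IPSecEnumPolicyData - list the policy objects held in a policy store.
 *
 * Dispatches on the store's dwProvider to RegEnumPolicyData or
 * DirEnumPolicyData, passing both output parameters through unchanged.
 *
 *   hPolicyStore         store handle; cast to PIPSEC_POLICY_STORE, not
 *                        otherwise verified.
 *   pppIpsecPolicyData   handed to the backend as-is.
 *   pdwNumPolicyObjects  handed to the backend as-is.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): the output parameters are not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using them.
 */
DWORD
IPSecEnumPolicyData(
    HANDLE hPolicyStore,
    PIPSEC_POLICY_DATA ** pppIpsecPolicyData,
    PDWORD pdwNumPolicyObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegEnumPolicyData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecPolicyData,
                      pdwNumPolicyObjects
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirEnumPolicyData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecPolicyData,
                      pdwNumPolicyObjects
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}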
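/*
 * IPSecSetPolicyData - write an existing policy object back to the store.
 *
 * Runs ValidatePolicyData first, then dispatches on the store's dwProvider
 * to RegSetPolicyData (which also receives the store's pszLocationName) or
 * DirSetPolicyData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecPolicyData  policy to store; checked only by ValidatePolicyData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecSetPolicyData(
    HANDLE hPolicyStore,
    PIPSEC_POLICY_DATA pIpsecPolicyData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidatePolicyData(
                  hPolicyStore,
                  pIpsecPolicyData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegSetPolicyData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pPolicyStore->pszLocationName,
                      pIpsecPolicyData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirSetPolicyData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecPolicyData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}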
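/*
 * IPSecCreatePolicyData - add a new policy object to the store.
 *
 * Runs ValidatePolicyData first, then dispatches on the store's dwProvider
 * to RegCreatePolicyData or DirCreatePolicyData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecPolicyData  policy to create; checked only by ValidatePolicyData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecCreatePolicyData(
    HANDLE hPolicyStore,
    PIPSEC_POLICY_DATA pIpsecPolicyData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidatePolicyData(
                  hPolicyStore,
                  pIpsecPolicyData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegCreatePolicyData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecPolicyData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirCreatePolicyData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecPolicyData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}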
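/*
 * IPSecDeletePolicyData - remove a policy object from the store.
 *
 * Runs ValidatePolicyDataDeletion first, then dispatches on the store's
 * dwProvider to RegDeletePolicyData or DirDeletePolicyData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecPolicyData  policy to delete; checked only by the validator.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecDeletePolicyData(
    HANDLE hPolicyStore,
    PIPSEC_POLICY_DATA pIpsecPolicyData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidatePolicyDataDeletion(
                  hPolicyStore,
                  pIpsecPolicyData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegDeletePolicyData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecPolicyData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirDeletePolicyData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecPolicyData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}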
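/*
 * IPSecEnumFilterData - list the filter objects held in a policy store.
 *
 * Dispatches on the store's dwProvider to RegEnumFilterData or
 * DirEnumFilterData, passing both output parameters through unchanged.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): the output parameters are not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using them.
 */
DWORD
IPSecEnumFilterData(
    HANDLE hPolicyStore,
    PIPSEC_FILTER_DATA ** pppIpsecFilterData,
    PDWORD pdwNumFilterObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegEnumFilterData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecFilterData,
                      pdwNumFilterObjects
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirEnumFilterData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecFilterData,
                      pdwNumFilterObjects
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}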
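/*
 * IPSecSetFilterData - write an existing filter object back to the store.
 *
 * Dispatches on the store's dwProvider to RegSetFilterData (which also
 * receives the store's pszLocationName) or DirSetFilterData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecFilterData  filter to store; passed to the backend unchecked.
 *
 * Returns the backend's Win32 status, or ERROR_INVALID_PARAMETER for a NULL
 * handle or a provider that is neither registry nor directory.
 *
 * NOTE(review): unlike IPSecSetPolicyData and IPSecSetNegPolData, no
 * Validate* call runs before this write. Confirm that the Reg/Dir backends
 * reject a NULL or malformed pIpsecFilterData.
 */
DWORD
IPSecSetFilterData(
    HANDLE hPolicyStore,
    PIPSEC_FILTER_DATA pIpsecFilterData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegSetFilterData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pPolicyStore->pszLocationName,
                      pIpsecFilterData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirSetFilterData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecFilterData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}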
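/*
 * IPSecCreateFilterData - add a new filter object to the store.
 *
 * Dispatches on the store's dwProvider to RegCreateFilterData or
 * DirCreateFilterData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecFilterData  filter to create; passed to the backend unchecked.
 *
 * Returns the backend's Win32 status, or ERROR_INVALID_PARAMETER for a NULL
 * handle or a provider that is neither registry nor directory.
 *
 * NOTE(review): unlike IPSecCreatePolicyData and IPSecCreateNegPolData, no
 * Validate* call runs before this write. Confirm that the Reg/Dir backends
 * reject a NULL or malformed pIpsecFilterData.
 */
DWORD
IPSecCreateFilterData(
    HANDLE hPolicyStore,
    PIPSEC_FILTER_DATA pIpsecFilterData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegCreateFilterData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecFilterData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirCreateFilterData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecFilterData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}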
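/*
 * IPSecDeleteFilterData - remove the filter object with the given GUID.
 *
 * Runs ValidateFilterDataDeletion first, then dispatches on the store's
 * dwProvider to RegDeleteFilterData or DirDeleteFilterData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   FilterIdentifier  GUID of the filter to delete.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecDeleteFilterData(
    HANDLE hPolicyStore,
    GUID FilterIdentifier
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidateFilterDataDeletion(
                  hPolicyStore,
                  FilterIdentifier
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegDeleteFilterData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      FilterIdentifier
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirDeleteFilterData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      FilterIdentifier
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}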
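/*
 * IPSecEnumNegPolData - list the negotiation-policy objects in a store.
 *
 * Dispatches on the store's dwProvider to RegEnumNegPolData or
 * DirEnumNegPolData, passing both output parameters through unchanged.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): the output parameters are not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using them.
 */
DWORD
IPSecEnumNegPolData(
    HANDLE hPolicyStore,
    PIPSEC_NEGPOL_DATA ** pppIpsecNegPolData,
    PDWORD pdwNumNegPolObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegEnumNegPolData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecNegPolData,
                      pdwNumNegPolObjects
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirEnumNegPolData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecNegPolData,
                      pdwNumNegPolObjects
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}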
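/*
 * IPSecSetNegPolData - write an existing negotiation policy to the store.
 *
 * Runs ValidateNegPolData on the data, then dispatches on the store's
 * dwProvider to RegSetNegPolData (which also receives the store's
 * pszLocationName) or DirSetNegPolData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecNegPolData  negotiation policy; checked by ValidateNegPolData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecSetNegPolData(
    HANDLE hPolicyStore,
    PIPSEC_NEGPOL_DATA pIpsecNegPolData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    dwError = ValidateNegPolData(
                  pIpsecNegPolData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    /*
     * The validator does not see the handle, so the NULL check sits here,
     * right before the first dereference, and validation errors keep their
     * original precedence.
     */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegSetNegPolData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pPolicyStore->pszLocationName,
                      pIpsecNegPolData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirSetNegPolData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecNegPolData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}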
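/*
 * IPSecCreateNegPolData - add a new negotiation policy to the store.
 *
 * Runs ValidateNegPolData on the data, then dispatches on the store's
 * dwProvider to RegCreateNegPolData or DirCreateNegPolData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecNegPolData  negotiation policy; checked by ValidateNegPolData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecCreateNegPolData(
    HANDLE hPolicyStore,
    PIPSEC_NEGPOL_DATA pIpsecNegPolData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    dwError = ValidateNegPolData(
                  pIpsecNegPolData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    /*
     * The validator does not see the handle, so the NULL check sits here,
     * right before the first dereference, and validation errors keep their
     * original precedence.
     */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegCreateNegPolData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecNegPolData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirCreateNegPolData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecNegPolData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}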
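/*
 * IPSecDeleteNegPolData - remove the negotiation policy with the given GUID.
 *
 * Runs ValidateNegPolDataDeletion first, then dispatches on the store's
 * dwProvider to RegDeleteNegPolData or DirDeleteNegPolData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   NegPolIdentifier  GUID of the negotiation policy to delete.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecDeleteNegPolData(
    HANDLE hPolicyStore,
    GUID NegPolIdentifier
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidateNegPolDataDeletion(
                  hPolicyStore,
                  NegPolIdentifier
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegDeleteNegPolData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      NegPolIdentifier
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirDeleteNegPolData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      NegPolIdentifier
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}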
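/*
 * IPSecCreateNFAData - add a new NFA object under the given policy.
 *
 * Runs ValidateNFAData first, then dispatches on the store's dwProvider to
 * RegCreateNFAData (which also receives the store's pszLocationName) or
 * DirCreateNFAData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   PolicyIdentifier  GUID of the owning policy.
 *   pIpsecNFAData     NFA to create; checked only by ValidateNFAData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecCreateNFAData(
    HANDLE hPolicyStore,
    GUID PolicyIdentifier,
    PIPSEC_NFA_DATA pIpsecNFAData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidateNFAData(
                  hPolicyStore,
                  PolicyIdentifier,
                  pIpsecNFAData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegCreateNFAData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pPolicyStore->pszLocationName,
                      pIpsecNFAData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirCreateNFAData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pIpsecNFAData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}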
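/*
 * IPSecSetNFAData - write an existing NFA object of the given policy.
 *
 * Runs ValidateNFAData first, then dispatches on the store's dwProvider to
 * RegSetNFAData (which also receives the store's pszLocationName) or
 * DirSetNFAData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   PolicyIdentifier  GUID of the owning policy.
 *   pIpsecNFAData     NFA to store; checked only by ValidateNFAData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecSetNFAData(
    HANDLE hPolicyStore,
    GUID PolicyIdentifier,
    PIPSEC_NFA_DATA pIpsecNFAData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidateNFAData(
                  hPolicyStore,
                  PolicyIdentifier,
                  pIpsecNFAData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegSetNFAData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pPolicyStore->pszLocationName,
                      pIpsecNFAData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirSetNFAData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pIpsecNFAData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}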
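/*
 * IPSecDeleteNFAData - remove an NFA object from the given policy.
 *
 * Dispatches on the store's dwProvider to RegDeleteNFAData (which also
 * receives the store's pszLocationName) or DirDeleteNFAData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   PolicyIdentifier  GUID of the owning policy.
 *   pIpsecNFAData     NFA to delete; passed to the backend unchecked.
 *
 * Returns the backend's Win32 status, or ERROR_INVALID_PARAMETER for a NULL
 * handle or a provider that is neither registry nor directory.
 *
 * NOTE(review): IPSecCreateNFAData and IPSecSetNFAData call ValidateNFAData
 * first, and the other IPSecDelete* entry points call a Validate*Deletion
 * helper; this one calls neither. Confirm that the Reg/Dir backends check
 * PolicyIdentifier and pIpsecNFAData themselves.
 */
DWORD
IPSecDeleteNFAData(
    HANDLE hPolicyStore,
    GUID PolicyIdentifier,
    PIPSEC_NFA_DATA pIpsecNFAData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegDeleteNFAData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pPolicyStore->pszLocationName,
                      pIpsecNFAData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirDeleteNFAData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pIpsecNFAData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}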
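/*
 * IPSecEnumNFAData - list the NFA objects that belong to one policy.
 *
 * Dispatches on the store's dwProvider to RegEnumNFAData or DirEnumNFAData,
 * passing the policy GUID and both output parameters through unchanged.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): the output parameters are not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using them.
 */
DWORD
IPSecEnumNFAData(
    HANDLE hPolicyStore,
    GUID PolicyIdentifier,
    PIPSEC_NFA_DATA ** pppIpsecNFAData,
    PDWORD pdwNumNFAObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegEnumNFAData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pppIpsecNFAData,
                      pdwNumNFAObjects
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirEnumNFAData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      PolicyIdentifier,
                      pppIpsecNFAData,
                      pdwNumNFAObjects
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}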
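/*
 * IPSecGetFilterData - fetch the filter object with the given GUID.
 *
 * Dispatches on the store's dwProvider to RegGetFilterData or
 * DirGetFilterData, passing the GUID and the output pointer through.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): *ppIpsecFilterData is not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using it.
 */
DWORD
IPSecGetFilterData(
    HANDLE hPolicyStore,
    GUID FilterGUID,
    PIPSEC_FILTER_DATA * ppIpsecFilterData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegGetFilterData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      FilterGUID,
                      ppIpsecFilterData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirGetFilterData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      FilterGUID,
                      ppIpsecFilterData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}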
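/*
 * IPSecGetNegPolData - fetch the negotiation policy with the given GUID.
 *
 * Dispatches on the store's dwProvider to RegGetNegPolData or
 * DirGetNegPolData, passing the GUID and the output pointer through.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): *ppIpsecNegPolData is not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using it.
 */
DWORD
IPSecGetNegPolData(
    HANDLE hPolicyStore,
    GUID NegPolGUID,
    PIPSEC_NEGPOL_DATA * ppIpsecNegPolData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegGetNegPolData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      NegPolGUID,
                      ppIpsecNegPolData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirGetNegPolData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      NegPolGUID,
                      ppIpsecNegPolData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}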
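/*
 * IPSecEnumISAKMPData - list the ISAKMP objects held in a policy store.
 *
 * Dispatches on the store's dwProvider to RegEnumISAKMPData or
 * DirEnumISAKMPData, passing both output parameters through unchanged.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): the output parameters are not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using them.
 */
DWORD
IPSecEnumISAKMPData(
    HANDLE hPolicyStore,
    PIPSEC_ISAKMP_DATA ** pppIpsecISAKMPData,
    PDWORD pdwNumISAKMPObjects
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegEnumISAKMPData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecISAKMPData,
                      pdwNumISAKMPObjects
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirEnumISAKMPData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pppIpsecISAKMPData,
                      pdwNumISAKMPObjects
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}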
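/*
 * IPSecSetISAKMPData - write an existing ISAKMP object back to the store.
 *
 * Runs ValidateISAKMPData on the data, then dispatches on the store's
 * dwProvider to RegSetISAKMPData (which also receives the store's
 * pszLocationName) or DirSetISAKMPData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecISAKMPData  ISAKMP settings; checked by ValidateISAKMPData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecSetISAKMPData(
    HANDLE hPolicyStore,
    PIPSEC_ISAKMP_DATA pIpsecISAKMPData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    dwError = ValidateISAKMPData(
                  pIpsecISAKMPData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    /*
     * The validator does not see the handle, so the NULL check sits here,
     * right before the first dereference, and validation errors keep their
     * original precedence.
     */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegSetISAKMPData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pPolicyStore->pszLocationName,
                      pIpsecISAKMPData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirSetISAKMPData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecISAKMPData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}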
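/*
 * IPSecCreateISAKMPData - add a new ISAKMP object to the store.
 *
 * Runs ValidateISAKMPData on the data, then dispatches on the store's
 * dwProvider to RegCreateISAKMPData or DirCreateISAKMPData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   pIpsecISAKMPData  ISAKMP settings; checked by ValidateISAKMPData.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecCreateISAKMPData(
    HANDLE hPolicyStore,
    PIPSEC_ISAKMP_DATA pIpsecISAKMPData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    dwError = ValidateISAKMPData(
                  pIpsecISAKMPData
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    /*
     * The validator does not see the handle, so the NULL check sits here,
     * right before the first dereference, and validation errors keep their
     * original precedence.
     */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegCreateISAKMPData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecISAKMPData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirCreateISAKMPData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      pIpsecISAKMPData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}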
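/*
 * IPSecDeleteISAKMPData - remove the ISAKMP object with the given GUID.
 *
 * Runs ValidateISAKMPDataDeletion first, then dispatches on the store's
 * dwProvider to RegDeleteISAKMPData or DirDeleteISAKMPData.
 *
 *   hPolicyStore      store handle; cast to PIPSEC_POLICY_STORE.
 *   ISAKMPIdentifier  GUID of the ISAKMP object to delete.
 *
 * Returns 0 or a Win32 error code: the validator's error, the backend's
 * error, or ERROR_INVALID_PARAMETER for a NULL handle or a provider that is
 * neither registry nor directory.
 */
DWORD
IPSecDeleteISAKMPData(
    HANDLE hPolicyStore,
    GUID ISAKMPIdentifier
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the validator or the switch can touch it. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = ValidateISAKMPDataDeletion(
                  hPolicyStore,
                  ISAKMPIdentifier
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegDeleteISAKMPData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      ISAKMPIdentifier
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirDeleteISAKMPData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      ISAKMPIdentifier
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

error:

    return(dwError);
}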
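/*
 * IPSecGetISAKMPData - fetch the ISAKMP object with the given GUID.
 *
 * Dispatches on the store's dwProvider to RegGetISAKMPData or
 * DirGetISAKMPData, passing the GUID and the output pointer through.
 *
 * Returns the backend's Win32 status. ERROR_INVALID_PARAMETER is returned
 * for a NULL handle and for any other provider value, which includes
 * stores opened with IPSEC_FILE_PROVIDER.
 *
 * NOTE(review): *ppIpsecISAKMPData is not written on the
 * ERROR_INVALID_PARAMETER paths; check the return code before using it.
 */
DWORD
IPSecGetISAKMPData(
    HANDLE hPolicyStore,
    GUID ISAKMPGUID,
    PIPSEC_ISAKMP_DATA * ppIpsecISAKMPData
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* The handle is dereferenced below; a NULL one would fault. */
    if (!pPolicyStore) {
        return(ERROR_INVALID_PARAMETER);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegGetISAKMPData(
                      pPolicyStore->hRegistryKey,
                      pPolicyStore->pszIpsecRootContainer,
                      ISAKMPGUID,
                      ppIpsecISAKMPData
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirGetISAKMPData(
                      pPolicyStore->hLdapBindHandle,
                      pPolicyStore->pszIpsecRootContainer,
                      ISAKMPGUID,
                      ppIpsecISAKMPData
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return(dwError);
}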
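/*
 * IPSecOpenPolicyStore - open a policy store of the requested type.
 *
 * Dispatches on dwTypeOfStore to RegOpenPolicyStore, DirOpenPolicyStore or
 * FileOpenPolicyStore.
 *
 *   pszMachineName  passed to the selected backend.
 *   dwTypeOfStore   IPSEC_REGISTRY_PROVIDER, IPSEC_DIRECTORY_PROVIDER or
 *                   IPSEC_FILE_PROVIDER.
 *   pszFileName     used only by the file backend.
 *   phPolicyStore   receives the store handle; must not be NULL.
 *
 * Returns the backend's Win32 status, or ERROR_INVALID_PARAMETER when
 * phPolicyStore is NULL or dwTypeOfStore is not one of the three types.
 *
 * The three backends set *phPolicyStore to NULL on failure. The handle is
 * cleared up front here so that the unsupported-type path does the same:
 * the other entry points in this file dereference the handle, so it must
 * never be left holding an uninitialised value.
 */
DWORD
IPSecOpenPolicyStore(
    LPWSTR pszMachineName,
    DWORD dwTypeOfStore,
    LPWSTR pszFileName,
    HANDLE * phPolicyStore
    )
{
    DWORD dwError = 0;

    if (!phPolicyStore) {
        return (ERROR_INVALID_PARAMETER);
    }

    *phPolicyStore = NULL;

    switch (dwTypeOfStore) {

    case IPSEC_REGISTRY_PROVIDER:
        dwError = RegOpenPolicyStore(
                      pszMachineName,
                      phPolicyStore
                      );
        break;

    case IPSEC_DIRECTORY_PROVIDER:
        dwError = DirOpenPolicyStore(
                      pszMachineName,
                      phPolicyStore
                      );
        break;

    case IPSEC_FILE_PROVIDER:
        dwError = FileOpenPolicyStore(
                      pszMachineName,
                      pszFileName,
                      phPolicyStore
                      );
        break;

    default:
        dwError = ERROR_INVALID_PARAMETER;
        break;
    }

    return (dwError);
}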
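/*
 * RegOpenPolicyStore - open the registry-backed IPsec policy store.
 *
 * Opens gpszIpsecRegRootContainer under HKEY_LOCAL_MACHINE, either locally
 * (pszMachineName NULL or empty) or on the named machine through
 * RegConnectRegistryW, and wraps the key in a newly allocated
 * IPSEC_POLICY_STORE.
 *
 *   pszMachineName  target machine name; this function prepends the two
 *                   leading backslashes itself. NULL or "" selects the
 *                   local registry.
 *   phPolicyStore   receives the store on success and NULL on failure.
 *
 * Returns 0 on success or a Win32 error code. ERROR_INVALID_PARAMETER is
 * returned when pszMachineName is too long for the MAX_PATH name buffer;
 * without that check the wcscpy/wcscat pair below would write past the end
 * of szName with a caller-controlled string.
 *
 * On success the registry keys and both allocated strings are stored in the
 * returned structure; on failure everything acquired here is released.
 *
 * NOTE(review): the key is opened with KEY_ALL_ACCESS even though the same
 * handle also serves the read-only Enum/Get entry points. Narrowing the
 * access mask would need the caller's intent, which this interface does
 * not carry.
 */
DWORD
RegOpenPolicyStore(
    LPWSTR pszMachineName,
    HANDLE * phPolicyStore
    )
{
    PIPSEC_POLICY_STORE pPolicyStore = NULL;
    DWORD dwError = 0;
    HKEY hParentRegistryKey = NULL;
    HKEY hRegistryKey = NULL;
    WCHAR szName[MAX_PATH];
    LPWSTR pszLocationName = NULL;
    LPWSTR pszIpsecRootContainer = NULL;

    pszIpsecRootContainer = AllocPolStr(gpszIpsecRegRootContainer);
    if (!pszIpsecRootContainer) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    szName[0] = L'\0';

    if (!pszMachineName || !*pszMachineName) {

        dwError = RegOpenKeyExW(
                      HKEY_LOCAL_MACHINE,
                      (LPCWSTR) gpszIpsecRegRootContainer,
                      0,
                      KEY_ALL_ACCESS,
                      &hRegistryKey
                      );
        BAIL_ON_WIN32_ERROR(dwError);

        pszLocationName = NULL;
    }
    else {

        /*
         * szName has to hold two backslashes, the machine name and the
         * terminating NUL, so the name may be at most MAX_PATH - 3
         * characters long.
         */
        if (wcslen(pszMachineName) > (size_t)(MAX_PATH - 3)) {
            dwError = ERROR_INVALID_PARAMETER;
            BAIL_ON_WIN32_ERROR(dwError);
        }

        wcscpy(szName, L"\\\\");
        wcscat(szName, pszMachineName);

        dwError = RegConnectRegistryW(
                      szName,
                      HKEY_LOCAL_MACHINE,
                      &hParentRegistryKey
                      );
        BAIL_ON_WIN32_ERROR(dwError);

        dwError = RegOpenKeyExW(
                      hParentRegistryKey,
                      (LPCWSTR) gpszIpsecRegRootContainer,
                      0,
                      KEY_ALL_ACCESS,
                      &hRegistryKey
                      );
        BAIL_ON_WIN32_ERROR(dwError);

        pszLocationName = AllocPolStr(szName);
        if (!pszLocationName) {
            dwError = ERROR_OUTOFMEMORY;
            BAIL_ON_WIN32_ERROR(dwError);
        }
    }

    pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(
                       sizeof(IPSEC_POLICY_STORE)
                       );
    if (!pPolicyStore) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pPolicyStore->dwProvider = IPSEC_REGISTRY_PROVIDER;
    pPolicyStore->hParentRegistryKey = hParentRegistryKey;
    pPolicyStore->hRegistryKey = hRegistryKey;
    pPolicyStore->pszLocationName = pszLocationName;
    pPolicyStore->hLdapBindHandle = NULL;
    pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
    pPolicyStore->pszFileName = NULL;

    *phPolicyStore = pPolicyStore;

    return(dwError);

error:

    if (pszIpsecRootContainer) {
        FreePolStr(pszIpsecRootContainer);
    }

    if (hRegistryKey) {
        RegCloseKey(hRegistryKey);
    }

    if (hParentRegistryKey) {
        RegCloseKey(hParentRegistryKey);
    }

    if (pszLocationName) {
        FreePolStr(pszLocationName);
    }

    if (pPolicyStore) {
        FreePolMem(pPolicyStore);
    }

    *phPolicyStore = NULL;

    return(dwError);
}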
/*
 * DirOpenPolicyStore - open the directory-backed IPsec policy store.
 *
 * Picks the directory server (pszMachineName, or the result of
 * ComputeDefaultDirectory when the name is NULL or empty), opens it with
 * OpenDirectoryServerHandle on port 389, derives the root container with
 * ComputeDirLocationName and wraps both in a new IPSEC_POLICY_STORE.
 *
 *   pszMachineName  directory server to use; NULL or "" selects the default.
 *   phPolicyStore   receives the store on success and NULL on failure.
 *
 * Returns 0 on success or a Win32 error code. The default-directory string
 * is freed on every path. On failure the bind handle, the container string
 * and the store are released as well.
 *
 * NOTE(review): 389 is passed as a literal on both the default and the
 * named-server path. Whether the resulting bind is signed or encrypted is
 * decided inside OpenDirectoryServerHandle, which is not visible here.
 */
DWORD
DirOpenPolicyStore(
    LPWSTR pszMachineName,
    HANDLE * phPolicyStore
    )
{
    DWORD dwError = 0;
    HLDAP hLdapBindHandle = NULL;
    LPWSTR pszDefaultDirectory = NULL;
    LPWSTR pszIpsecRootContainer = NULL;
    LPWSTR pszServer = pszMachineName;
    PIPSEC_POLICY_STORE pPolicyStore = NULL;

    /* No explicit server: fall back to the computed default directory. */
    if (!pszMachineName || !*pszMachineName) {

        dwError = ComputeDefaultDirectory(&pszDefaultDirectory);
        BAIL_ON_WIN32_ERROR(dwError);

        pszServer = pszDefaultDirectory;
    }

    dwError = OpenDirectoryServerHandle(pszServer, 389, &hLdapBindHandle);
    BAIL_ON_WIN32_ERROR(dwError);

    dwError = ComputeDirLocationName(pszServer, &pszIpsecRootContainer);
    BAIL_ON_WIN32_ERROR(dwError);

    pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(sizeof(IPSEC_POLICY_STORE));
    if (!pPolicyStore) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    /* Directory stores carry no registry state and no file name. */
    pPolicyStore->dwProvider = IPSEC_DIRECTORY_PROVIDER;
    pPolicyStore->hParentRegistryKey = NULL;
    pPolicyStore->hRegistryKey = NULL;
    pPolicyStore->pszLocationName = NULL;
    pPolicyStore->hLdapBindHandle = hLdapBindHandle;
    pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
    pPolicyStore->pszFileName = NULL;

    *phPolicyStore = pPolicyStore;

cleanup:

    if (pszDefaultDirectory) {
        FreePolStr(pszDefaultDirectory);
    }

    return(dwError);

error:

    if (hLdapBindHandle) {
        CloseDirectoryServerHandle(hLdapBindHandle);
    }

    if (pszIpsecRootContainer) {
        FreePolStr(pszIpsecRootContainer);
    }

    if (pPolicyStore) {
        FreePolMem(pPolicyStore);
    }

    *phPolicyStore = NULL;

    goto cleanup;
}
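/*
 * FileOpenPolicyStore - open a file-provider IPsec policy store.
 *
 * Creates or opens gpszIpsecFileRootContainer under the local
 * HKEY_LOCAL_MACHINE and records pszFileName in a newly allocated
 * IPSEC_POLICY_STORE. Only the local machine is supported.
 *
 *   pszMachineName  must be NULL or ""; anything else is rejected.
 *   pszFileName     file name to record; must be non-empty. It is copied,
 *                   not opened or otherwise checked here.
 *   phPolicyStore   receives the store on success and NULL on failure.
 *
 * Returns 0 on success, ERROR_INVALID_DATA for a non-local machine name or
 * a missing file name, ERROR_OUTOFMEMORY, or the RegCreateKeyExW error.
 *
 * Both arguments are checked before anything is allocated or written, so a
 * call that is going to be rejected no longer creates the registry key in
 * HKEY_LOCAL_MACHINE as a side effect.
 *
 * NOTE(review): the key is created with KEY_ALL_ACCESS and no explicit
 * security attributes, so its ACL presumably comes from the parent key.
 * Confirm that this is the intended protection for saved policy data.
 */
DWORD
FileOpenPolicyStore(
    LPWSTR pszMachineName,
    LPWSTR pszFileName,
    HANDLE * phPolicyStore
    )
{
    DWORD dwError = 0;
    LPWSTR pszIpsecRootContainer = NULL;
    HKEY hRegistryKey = NULL;
    LPWSTR pszTempFileName = NULL;
    PIPSEC_POLICY_STORE pPolicyStore = NULL;
    DWORD dwDisposition = 0;

    /* A remote machine name is not supported for file stores. */
    if (pszMachineName && *pszMachineName) {
        dwError = ERROR_INVALID_DATA;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    if (!pszFileName || !*pszFileName) {
        dwError = ERROR_INVALID_DATA;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pszIpsecRootContainer = AllocPolStr(gpszIpsecFileRootContainer);
    if (!pszIpsecRootContainer) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwError = RegCreateKeyExW(
                  HKEY_LOCAL_MACHINE,
                  (LPCWSTR) gpszIpsecFileRootContainer,
                  0,
                  NULL,
                  0,
                  KEY_ALL_ACCESS,
                  NULL,
                  &hRegistryKey,
                  &dwDisposition
                  );
    BAIL_ON_WIN32_ERROR(dwError);

    pszTempFileName = AllocPolStr(pszFileName);
    if (!pszTempFileName) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(
                       sizeof(IPSEC_POLICY_STORE)
                       );
    if (!pPolicyStore) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pPolicyStore->dwProvider = IPSEC_FILE_PROVIDER;
    pPolicyStore->hParentRegistryKey = NULL;
    pPolicyStore->hRegistryKey = hRegistryKey;
    pPolicyStore->pszLocationName = NULL;
    pPolicyStore->hLdapBindHandle = NULL;
    pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
    pPolicyStore->pszFileName = pszTempFileName;

    *phPolicyStore = pPolicyStore;

    return(dwError);

error:

    if (pszIpsecRootContainer) {
        FreePolStr(pszIpsecRootContainer);
    }

    if (hRegistryKey) {
        RegCloseKey(hRegistryKey);
    }

    if (pszTempFileName) {
        FreePolStr(pszTempFileName);
    }

    *phPolicyStore = NULL;

    return(dwError);
}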
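/*
 * IPSecClosePolicyStore
 *
 * Releases everything a policy store handle owns (registry keys, directory
 * bind handle, string copies, depending on the provider) and then frees the
 * store itself.
 *
 * hPolicyStore - store to close. After a successful return the memory has
 *                been freed and the handle must not be used again.
 *
 * Returns 0 on success, ERROR_INVALID_PARAMETER for a NULL handle or an
 * unknown provider, or the error returned by RegCloseKey. On any error the
 * store is left allocated.
 *
 * NOTE(review): apart from the NULL check the handle is trusted as-is; a
 * pointer that is not a live policy store is not detected here.
 */
DWORD
IPSecClosePolicyStore(
    HANDLE hPolicyStore
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pPolicyStore = NULL;


    pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    /* Reject a NULL handle before the provider field is read. */
    if (!pPolicyStore) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    switch (pPolicyStore->dwProvider) {

    case IPSEC_REGISTRY_PROVIDER:

        /*
         * Each key is cleared from the store as soon as it is closed, so
         * that a later failure followed by a second close call cannot hand
         * an already-closed key to RegCloseKey again.
         */
        if (pPolicyStore->hRegistryKey) {
            dwError = RegCloseKey(
                            pPolicyStore->hRegistryKey
                            );
            BAIL_ON_WIN32_ERROR(dwError);
            pPolicyStore->hRegistryKey = NULL;
        }

        if (pPolicyStore->hParentRegistryKey) {
            dwError = RegCloseKey(
                            pPolicyStore->hParentRegistryKey
                            );
            BAIL_ON_WIN32_ERROR(dwError);
            pPolicyStore->hParentRegistryKey = NULL;
        }

        if (pPolicyStore->pszLocationName) {
            FreePolStr(pPolicyStore->pszLocationName);
        }

        if (pPolicyStore->pszIpsecRootContainer) {
            FreePolStr(pPolicyStore->pszIpsecRootContainer);
        }

        break;

    case IPSEC_DIRECTORY_PROVIDER:

        if (pPolicyStore->hLdapBindHandle) {
            CloseDirectoryServerHandle(
                pPolicyStore->hLdapBindHandle
                );
        }

        if (pPolicyStore->pszIpsecRootContainer) {
            FreePolStr(pPolicyStore->pszIpsecRootContainer);
        }

        break;

    case IPSEC_FILE_PROVIDER:

        if (pPolicyStore->hRegistryKey) {
            dwError = RegCloseKey(
                            pPolicyStore->hRegistryKey
                            );
            BAIL_ON_WIN32_ERROR(dwError);
            pPolicyStore->hRegistryKey = NULL;
        }

        if (pPolicyStore->pszIpsecRootContainer) {
            FreePolStr(pPolicyStore->pszIpsecRootContainer);
        }

        if (pPolicyStore->pszFileName) {
            FreePolStr(pPolicyStore->pszFileName);
        }

        break;

    default:

        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
        break;

    }

    /* Reached only when every release above succeeded. */
    FreePolMem(pPolicyStore);

error:

    return(dwError);
}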
/*
 * IPSecAssignPolicy
 *
 * Forwards an assignment request for PolicyGUID to RegAssignPolicy when the
 * store uses the registry provider. Every other provider is rejected.
 *
 * hPolicyStore - policy store handle.
 * PolicyGUID   - identifier passed through to RegAssignPolicy.
 *
 * Returns the result of RegAssignPolicy, or ERROR_INVALID_PARAMETER when
 * the store is not a registry store.
 *
 * NOTE(review): the handle is cast and dereferenced as-is; a NULL or
 * foreign handle is not detected here.
 */
DWORD
IPSecAssignPolicy(
    HANDLE hPolicyStore,
    GUID PolicyGUID
    )
{
    PIPSEC_POLICY_STORE pStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    if (pStore->dwProvider != IPSEC_REGISTRY_PROVIDER) {
        return(ERROR_INVALID_PARAMETER);
    }

    return(RegAssignPolicy(
                pStore->hRegistryKey,
                pStore->pszIpsecRootContainer,
                PolicyGUID,
                pStore->pszLocationName
                ));
}
/*
 * IPSecUnassignPolicy
 *
 * Forwards an unassignment request for PolicyGUID to RegUnassignPolicy when
 * the store uses the registry provider. Every other provider is rejected.
 *
 * hPolicyStore - policy store handle.
 * PolicyGUID   - identifier passed through to RegUnassignPolicy.
 *
 * Returns the result of RegUnassignPolicy, or ERROR_INVALID_PARAMETER when
 * the store is not a registry store.
 *
 * NOTE(review): the handle is cast and dereferenced as-is; a NULL or
 * foreign handle is not detected here.
 */
DWORD
IPSecUnassignPolicy(
    HANDLE hPolicyStore,
    GUID PolicyGUID
    )
{
    PIPSEC_POLICY_STORE pStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    if (pStore->dwProvider != IPSEC_REGISTRY_PROVIDER) {
        return(ERROR_INVALID_PARAMETER);
    }

    return(RegUnassignPolicy(
                pStore->hRegistryKey,
                pStore->pszIpsecRootContainer,
                PolicyGUID,
                pStore->pszLocationName
                ));
}
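/*
 * ComputeDirLocationName
 *
 * Builds the directory path of the IP Security container for a dotted
 * domain name: the fixed prefix "CN=IP Security,CN=System" followed by one
 * ",DC=<label>" component per dot-separated label of pszDirDomainName.
 * Constructed example: L"corp.example.com" gives
 * L"CN=IP Security,CN=System,DC=corp,DC=example,DC=com".
 *
 * pszDirDomainName  - domain name; must contain at least one '.'.
 * ppszDirFQPathName - receives a copy of the path made with AllocPolStr,
 *                     or NULL on failure. Presumably released by the caller
 *                     with FreePolStr - confirm against callers.
 *
 * Returns 0 on success, ERROR_OUTOFMEMORY when a copy cannot be allocated,
 * and ERROR_INVALID_PARAMETER when the name has no '.' or the resulting
 * path would not fit in the MAX_PATH work buffer.
 *
 * NOTE(review): labels are copied verbatim. A label containing characters
 * that are special in a distinguished name (such as ',' or '=') would
 * change the structure of the result, and an empty label yields an empty
 * "DC=" component; confirm that callers pass a validated DNS name.
 */
DWORD
ComputeDirLocationName(
    LPWSTR pszDirDomainName,
    LPWSTR * ppszDirFQPathName
    )
{
    DWORD dwError = 0;
    WCHAR szName[MAX_PATH];
    size_t cchCapacity = sizeof(szName) / sizeof(szName[0]);
    size_t cchDcTag = 0;
    size_t cchNeeded = 0;
    LPWSTR pszScan = NULL;
    LPWSTR pszDotBegin = NULL;
    LPWSTR pszDotEnd = NULL;
    LPWSTR pszDirFQPathName = NULL;
    LPWSTR pszDirName = NULL;

    szName[0] = L'\0';
    wcscpy(szName, L"CN=IP Security,CN=System");

    /* Work on a private copy: the loop below temporarily cuts it at dots. */
    pszDirName = AllocPolStr(pszDirDomainName);

    if (!pszDirName) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    pszDotBegin = pszDirName;
    pszDotEnd = wcschr(pszDirName, L'.');

    if (!pszDotEnd) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    /*
     * Size the result before writing anything: the appends below are
     * unbounded, and the domain name is caller-supplied. The output is the
     * prefix, one ",DC=" for the first label, one character per non-dot
     * character, and one ",DC=" in place of every dot. The check runs on
     * every character so the total can never wrap.
     */
    cchDcTag = wcslen(L",DC=");
    cchNeeded = wcslen(szName) + cchDcTag;

    for (pszScan = pszDirName; *pszScan != L'\0'; pszScan++) {

        cchNeeded += (*pszScan == L'.') ? cchDcTag : 1;

        /* ">=" keeps one element free for the terminating NUL. */
        if (cchNeeded >= cchCapacity) {
            dwError = ERROR_INVALID_PARAMETER;
            BAIL_ON_WIN32_ERROR(dwError);
        }
    }

    while (pszDotEnd) {

        /* Terminate the current label, append it, then restore the dot. */
        *pszDotEnd = L'\0';

        wcscat(szName, L",DC=");
        wcscat(szName, pszDotBegin);

        *pszDotEnd = L'.';

        pszDotEnd += 1;
        pszDotBegin = pszDotEnd;

        pszDotEnd = wcschr(pszDotEnd, L'.');

    }

    /* Last label: everything after the final dot. */
    wcscat(szName, L",DC=");
    wcscat(szName, pszDotBegin);

    pszDirFQPathName = AllocPolStr(szName);
    if (!pszDirFQPathName) {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    *ppszDirFQPathName = pszDirFQPathName;

cleanup:

    if (pszDirName) {
        FreePolStr(pszDirName);
    }

    return (dwError);

error:

    *ppszDirFQPathName = NULL;
    goto cleanup;
}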
/*
 * IPSecGetAssignedPolicyData
 *
 * Forwards to RegGetAssignedPolicyData when the store uses the registry
 * provider. Every other provider is rejected.
 *
 * hPolicyStore      - policy store handle.
 * ppIpsecPolicyData - output pointer passed through to
 *                     RegGetAssignedPolicyData; not written on the
 *                     rejection path.
 *
 * Returns the result of RegGetAssignedPolicyData, or
 * ERROR_INVALID_PARAMETER when the store is not a registry store.
 *
 * NOTE(review): the handle is cast and dereferenced as-is; a NULL or
 * foreign handle is not detected here.
 */
DWORD
IPSecGetAssignedPolicyData(
    HANDLE hPolicyStore,
    PIPSEC_POLICY_DATA * ppIpsecPolicyData
    )
{
    PIPSEC_POLICY_STORE pStore = (PIPSEC_POLICY_STORE)hPolicyStore;

    if (pStore->dwProvider != IPSEC_REGISTRY_PROVIDER) {
        return(ERROR_INVALID_PARAMETER);
    }

    return(RegGetAssignedPolicyData(
                pStore->hRegistryKey,
                pStore->pszIpsecRootContainer,
                ppIpsecPolicyData
                ));
}
/*
 * IPSecExportPolicies
 *
 * Checks the provider kinds of both stores and, when they form a valid
 * export pair, hands both handles to ExportPoliciesToFile.
 *
 * hSrcPolicyStore - source; must be a registry or directory store.
 * hDesPolicyStore - destination; must be a file store. It is only examined
 *                   once the source has been accepted.
 *
 * Returns the result of ExportPoliciesToFile, or ERROR_INVALID_PARAMETER
 * for any other provider combination.
 *
 * NOTE(review): both handles are cast and dereferenced as-is; a NULL or
 * foreign handle is not detected here.
 */
DWORD
IPSecExportPolicies(
    HANDLE hSrcPolicyStore,
    HANDLE hDesPolicyStore
    )
{
    DWORD dwError = 0;
    DWORD dwSrcProvider = 0;
    DWORD dwDesProvider = 0;


    dwSrcProvider = ((PIPSEC_POLICY_STORE) hSrcPolicyStore)->dwProvider;

    if (dwSrcProvider != IPSEC_REGISTRY_PROVIDER &&
        dwSrcProvider != IPSEC_DIRECTORY_PROVIDER) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwDesProvider = ((PIPSEC_POLICY_STORE) hDesPolicyStore)->dwProvider;

    if (dwDesProvider == IPSEC_FILE_PROVIDER) {
        dwError = ExportPoliciesToFile(
                        hSrcPolicyStore,
                        hDesPolicyStore
                        );
    }
    else {
        dwError = ERROR_INVALID_PARAMETER;
    }
    BAIL_ON_WIN32_ERROR(dwError);

error:

    return(dwError);
}
/*
 * IPSecImportPolicies
 *
 * Checks the provider kinds of both stores and, when they form a valid
 * import pair, hands both handles to ImportPoliciesFromFile.
 *
 * hSrcPolicyStore - source; must be a file store.
 * hDesPolicyStore - destination; must be a registry or directory store. It
 *                   is only examined once the source has been accepted.
 *
 * Returns the result of ImportPoliciesFromFile, or ERROR_INVALID_PARAMETER
 * for any other provider combination.
 *
 * NOTE(review): only the provider kinds are checked here; any validation of
 * the imported policy data has to happen in ImportPoliciesFromFile, which
 * is not visible from this routine. The handles themselves are cast and
 * dereferenced as-is.
 */
DWORD
IPSecImportPolicies(
    HANDLE hSrcPolicyStore,
    HANDLE hDesPolicyStore
    )
{
    DWORD dwError = 0;
    DWORD dwSrcProvider = 0;
    DWORD dwDesProvider = 0;


    dwSrcProvider = ((PIPSEC_POLICY_STORE) hSrcPolicyStore)->dwProvider;

    if (dwSrcProvider != IPSEC_FILE_PROVIDER) {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_WIN32_ERROR(dwError);
    }

    dwDesProvider = ((PIPSEC_POLICY_STORE) hDesPolicyStore)->dwProvider;

    if (dwDesProvider == IPSEC_REGISTRY_PROVIDER ||
        dwDesProvider == IPSEC_DIRECTORY_PROVIDER) {
        dwError = ImportPoliciesFromFile(
                        hSrcPolicyStore,
                        hDesPolicyStore
                        );
    }
    else {
        dwError = ERROR_INVALID_PARAMETER;
    }
    BAIL_ON_WIN32_ERROR(dwError);

error:

    return(dwError);
}
/*
 * IPSecRestoreDefaultPolicies
 *
 * Forwards to RegRestoreDefaults when the store uses the registry provider.
 * The directory provider and every other provider are rejected.
 *
 * hPolicyStore - policy store handle; also passed through unchanged as the
 *                first argument of RegRestoreDefaults.
 *
 * Returns the result of RegRestoreDefaults, or ERROR_INVALID_PARAMETER when
 * the store is not a registry store.
 *
 * NOTE(review): the handle is cast and dereferenced as-is; a NULL or
 * foreign handle is not detected here.
 */
DWORD
IPSecRestoreDefaultPolicies(
    HANDLE hPolicyStore
    )
{
    DWORD dwError = 0;
    PIPSEC_POLICY_STORE pStore = NULL;


    pStore = (PIPSEC_POLICY_STORE) hPolicyStore;

    if (pStore->dwProvider == IPSEC_REGISTRY_PROVIDER) {

        dwError = RegRestoreDefaults(
                        hPolicyStore,
                        pStore->hRegistryKey,
                        pStore->pszIpsecRootContainer,
                        pStore->pszLocationName
                        );
        BAIL_ON_WIN32_ERROR(dwError);

    }
    else {

        /* Directory stores and unknown providers get the same answer. */
        dwError = ERROR_INVALID_PARAMETER;

    }

error:

    return(dwError);
}