windows-nt/Source/XPSP1/NT/net/ipsec/polstore/api.c

1802 lines
41 KiB
C
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
#include "precomp.h"
LPWSTR gpszIpsecRegRootContainer = L"SOFTWARE\\Policies\\Microsoft\\Windows\\IPSec\\Policy\\Local";
LPWSTR gpszIpsecFileRootContainer = L"SOFTWARE\\Policies\\Microsoft\\Windows\\IPSec\\Policy\\Save";
DWORD
IPSecEnumPolicyData(
HANDLE hPolicyStore,
PIPSEC_POLICY_DATA ** pppIpsecPolicyData,
PDWORD pdwNumPolicyObjects
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegEnumPolicyData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pppIpsecPolicyData,
pdwNumPolicyObjects
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirEnumPolicyData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pppIpsecPolicyData,
pdwNumPolicyObjects
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecSetPolicyData(
HANDLE hPolicyStore,
PIPSEC_POLICY_DATA pIpsecPolicyData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidatePolicyData(
hPolicyStore,
pIpsecPolicyData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegSetPolicyData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pPolicyStore->pszLocationName,
pIpsecPolicyData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirSetPolicyData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecPolicyData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecCreatePolicyData(
HANDLE hPolicyStore,
PIPSEC_POLICY_DATA pIpsecPolicyData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidatePolicyData(
hPolicyStore,
pIpsecPolicyData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegCreatePolicyData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pIpsecPolicyData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirCreatePolicyData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecPolicyData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecDeletePolicyData(
HANDLE hPolicyStore,
PIPSEC_POLICY_DATA pIpsecPolicyData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidatePolicyDataDeletion(
hPolicyStore,
pIpsecPolicyData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegDeletePolicyData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pIpsecPolicyData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirDeletePolicyData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecPolicyData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecEnumFilterData(
HANDLE hPolicyStore,
PIPSEC_FILTER_DATA ** pppIpsecFilterData,
PDWORD pdwNumFilterObjects
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegEnumFilterData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pppIpsecFilterData,
pdwNumFilterObjects
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirEnumFilterData(
(pPolicyStore->hLdapBindHandle),
(pPolicyStore->pszIpsecRootContainer),
pppIpsecFilterData,
pdwNumFilterObjects
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecSetFilterData(
HANDLE hPolicyStore,
PIPSEC_FILTER_DATA pIpsecFilterData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegSetFilterData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pPolicyStore->pszLocationName,
pIpsecFilterData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirSetFilterData(
(pPolicyStore->hLdapBindHandle),
(pPolicyStore->pszIpsecRootContainer),
pIpsecFilterData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecCreateFilterData(
HANDLE hPolicyStore,
PIPSEC_FILTER_DATA pIpsecFilterData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegCreateFilterData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pIpsecFilterData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirCreateFilterData(
(pPolicyStore->hLdapBindHandle),
(pPolicyStore->pszIpsecRootContainer),
pIpsecFilterData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecDeleteFilterData(
HANDLE hPolicyStore,
GUID FilterIdentifier
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateFilterDataDeletion(
hPolicyStore,
FilterIdentifier
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegDeleteFilterData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
FilterIdentifier
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirDeleteFilterData(
(pPolicyStore->hLdapBindHandle),
(pPolicyStore->pszIpsecRootContainer),
FilterIdentifier
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecEnumNegPolData(
HANDLE hPolicyStore,
PIPSEC_NEGPOL_DATA ** pppIpsecNegPolData,
PDWORD pdwNumNegPolObjects
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegEnumNegPolData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pppIpsecNegPolData,
pdwNumNegPolObjects
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirEnumNegPolData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pppIpsecNegPolData,
pdwNumNegPolObjects
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecSetNegPolData(
HANDLE hPolicyStore,
PIPSEC_NEGPOL_DATA pIpsecNegPolData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateNegPolData(
pIpsecNegPolData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegSetNegPolData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pPolicyStore->pszLocationName,
pIpsecNegPolData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirSetNegPolData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecNegPolData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecCreateNegPolData(
HANDLE hPolicyStore,
PIPSEC_NEGPOL_DATA pIpsecNegPolData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateNegPolData(
pIpsecNegPolData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegCreateNegPolData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pIpsecNegPolData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirCreateNegPolData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecNegPolData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecDeleteNegPolData(
HANDLE hPolicyStore,
GUID NegPolIdentifier
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateNegPolDataDeletion(
hPolicyStore,
NegPolIdentifier
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegDeleteNegPolData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
NegPolIdentifier
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirDeleteNegPolData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
NegPolIdentifier
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecCreateNFAData(
HANDLE hPolicyStore,
GUID PolicyIdentifier,
PIPSEC_NFA_DATA pIpsecNFAData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateNFAData(
hPolicyStore,
PolicyIdentifier,
pIpsecNFAData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch(pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegCreateNFAData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pPolicyStore->pszLocationName,
pIpsecNFAData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirCreateNFAData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pIpsecNFAData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecSetNFAData(
HANDLE hPolicyStore,
GUID PolicyIdentifier,
PIPSEC_NFA_DATA pIpsecNFAData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateNFAData(
hPolicyStore,
PolicyIdentifier,
pIpsecNFAData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegSetNFAData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pPolicyStore->pszLocationName,
pIpsecNFAData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirSetNFAData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pIpsecNFAData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecDeleteNFAData(
HANDLE hPolicyStore,
GUID PolicyIdentifier,
PIPSEC_NFA_DATA pIpsecNFAData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegDeleteNFAData(
(pPolicyStore->hRegistryKey),
(pPolicyStore->pszIpsecRootContainer),
PolicyIdentifier,
pPolicyStore->pszLocationName,
pIpsecNFAData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirDeleteNFAData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pIpsecNFAData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecEnumNFAData(
HANDLE hPolicyStore,
GUID PolicyIdentifier,
PIPSEC_NFA_DATA ** pppIpsecNFAData,
PDWORD pdwNumNFAObjects
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegEnumNFAData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pppIpsecNFAData,
pdwNumNFAObjects
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirEnumNFAData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
PolicyIdentifier,
pppIpsecNFAData,
pdwNumNFAObjects
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecGetFilterData(
HANDLE hPolicyStore,
GUID FilterGUID,
PIPSEC_FILTER_DATA * ppIpsecFilterData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegGetFilterData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
FilterGUID,
ppIpsecFilterData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirGetFilterData(
(pPolicyStore->hLdapBindHandle),
(pPolicyStore->pszIpsecRootContainer),
FilterGUID,
ppIpsecFilterData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecGetNegPolData(
HANDLE hPolicyStore,
GUID NegPolGUID,
PIPSEC_NEGPOL_DATA * ppIpsecNegPolData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegGetNegPolData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
NegPolGUID,
ppIpsecNegPolData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirGetNegPolData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
NegPolGUID,
ppIpsecNegPolData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecEnumISAKMPData(
HANDLE hPolicyStore,
PIPSEC_ISAKMP_DATA ** pppIpsecISAKMPData,
PDWORD pdwNumISAKMPObjects
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegEnumISAKMPData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pppIpsecISAKMPData,
pdwNumISAKMPObjects
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirEnumISAKMPData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pppIpsecISAKMPData,
pdwNumISAKMPObjects
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecSetISAKMPData(
HANDLE hPolicyStore,
PIPSEC_ISAKMP_DATA pIpsecISAKMPData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateISAKMPData(
pIpsecISAKMPData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegSetISAKMPData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pPolicyStore->pszLocationName,
pIpsecISAKMPData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirSetISAKMPData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecISAKMPData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecCreateISAKMPData(
HANDLE hPolicyStore,
PIPSEC_ISAKMP_DATA pIpsecISAKMPData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateISAKMPData(
pIpsecISAKMPData
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegCreateISAKMPData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
pIpsecISAKMPData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirCreateISAKMPData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
pIpsecISAKMPData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecDeleteISAKMPData(
HANDLE hPolicyStore,
GUID ISAKMPIdentifier
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
dwError = ValidateISAKMPDataDeletion(
hPolicyStore,
ISAKMPIdentifier
);
BAIL_ON_WIN32_ERROR(dwError);
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegDeleteISAKMPData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
ISAKMPIdentifier
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirDeleteISAKMPData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
ISAKMPIdentifier
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}
DWORD
IPSecGetISAKMPData(
HANDLE hPolicyStore,
GUID ISAKMPGUID,
PIPSEC_ISAKMP_DATA * ppIpsecISAKMPData
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegGetISAKMPData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
ISAKMPGUID,
ppIpsecISAKMPData
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirGetISAKMPData(
(pPolicyStore->hLdapBindHandle),
pPolicyStore->pszIpsecRootContainer,
ISAKMPGUID,
ppIpsecISAKMPData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecOpenPolicyStore(
LPWSTR pszMachineName,
DWORD dwTypeOfStore,
LPWSTR pszFileName,
HANDLE * phPolicyStore
)
{
DWORD dwError = 0;
switch (dwTypeOfStore) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegOpenPolicyStore(
pszMachineName,
phPolicyStore
);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = DirOpenPolicyStore(
pszMachineName,
phPolicyStore
);
break;
case IPSEC_FILE_PROVIDER:
dwError = FileOpenPolicyStore(
pszMachineName,
pszFileName,
phPolicyStore
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return (dwError);
}
DWORD
RegOpenPolicyStore(
LPWSTR pszMachineName,
HANDLE * phPolicyStore
)
{
PIPSEC_POLICY_STORE pPolicyStore = NULL;
DWORD dwError = 0;
HKEY hParentRegistryKey = NULL;
HKEY hRegistryKey = NULL;
WCHAR szName[MAX_PATH];
LPWSTR pszLocationName = NULL;
LPWSTR pszIpsecRootContainer = NULL;
pszIpsecRootContainer = AllocPolStr(gpszIpsecRegRootContainer);
if (!pszIpsecRootContainer) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
szName[0] = L'\0';
if (!pszMachineName || !*pszMachineName) {
dwError = RegOpenKeyExW(
HKEY_LOCAL_MACHINE,
(LPCWSTR) gpszIpsecRegRootContainer,
0,
KEY_ALL_ACCESS,
&hRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
pszLocationName = NULL;
}
else {
wcscpy(szName, L"\\\\");
wcscat(szName, pszMachineName);
dwError = RegConnectRegistryW(
szName,
HKEY_LOCAL_MACHINE,
&hParentRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = RegOpenKeyExW(
hParentRegistryKey,
(LPCWSTR) gpszIpsecRegRootContainer,
0,
KEY_ALL_ACCESS,
&hRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
pszLocationName = AllocPolStr(szName);
if (!pszLocationName) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
}
pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(
sizeof(IPSEC_POLICY_STORE)
);
if (!pPolicyStore) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
pPolicyStore->dwProvider = IPSEC_REGISTRY_PROVIDER;
pPolicyStore->hParentRegistryKey = hParentRegistryKey;
pPolicyStore->hRegistryKey = hRegistryKey;
pPolicyStore->pszLocationName = pszLocationName;
pPolicyStore->hLdapBindHandle = NULL;
pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
pPolicyStore->pszFileName = NULL;
*phPolicyStore = pPolicyStore;
return(dwError);
error:
if (pszIpsecRootContainer) {
FreePolStr(pszIpsecRootContainer);
}
if (hRegistryKey) {
RegCloseKey(hRegistryKey);
}
if (hParentRegistryKey) {
RegCloseKey(hParentRegistryKey);
}
if (pszLocationName) {
FreePolStr(pszLocationName);
}
if (pPolicyStore) {
FreePolMem(pPolicyStore);
}
*phPolicyStore = NULL;
return(dwError);
}
DWORD
DirOpenPolicyStore(
LPWSTR pszMachineName,
HANDLE * phPolicyStore
)
{
PIPSEC_POLICY_STORE pPolicyStore = NULL;
DWORD dwError = 0;
LPWSTR pszIpsecRootContainer = NULL;
HLDAP hLdapBindHandle = NULL;
LPWSTR pszDefaultDirectory = NULL;
if (!pszMachineName || !*pszMachineName) {
dwError = ComputeDefaultDirectory(
&pszDefaultDirectory
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = OpenDirectoryServerHandle(
pszDefaultDirectory,
389,
&hLdapBindHandle
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = ComputeDirLocationName(
pszDefaultDirectory,
&pszIpsecRootContainer
);
BAIL_ON_WIN32_ERROR(dwError);
}
else {
dwError = OpenDirectoryServerHandle(
pszMachineName,
389,
&hLdapBindHandle
);
BAIL_ON_WIN32_ERROR(dwError);
dwError = ComputeDirLocationName(
pszMachineName,
&pszIpsecRootContainer
);
BAIL_ON_WIN32_ERROR(dwError);
}
pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(
sizeof(IPSEC_POLICY_STORE)
);
if (!pPolicyStore) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
pPolicyStore->dwProvider = IPSEC_DIRECTORY_PROVIDER;
pPolicyStore->hParentRegistryKey = NULL;
pPolicyStore->hRegistryKey = NULL;
pPolicyStore->pszLocationName = NULL;
pPolicyStore->hLdapBindHandle = hLdapBindHandle;
pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
pPolicyStore->pszFileName = NULL;
*phPolicyStore = pPolicyStore;
cleanup:
if (pszDefaultDirectory) {
FreePolStr(pszDefaultDirectory);
}
return(dwError);
error:
if (hLdapBindHandle) {
CloseDirectoryServerHandle(hLdapBindHandle);
}
if (pszIpsecRootContainer) {
FreePolStr(pszIpsecRootContainer);
}
if (pPolicyStore) {
FreePolMem(pPolicyStore);
}
*phPolicyStore = NULL;
goto cleanup;
}
DWORD
FileOpenPolicyStore(
LPWSTR pszMachineName,
LPWSTR pszFileName,
HANDLE * phPolicyStore
)
{
DWORD dwError = 0;
LPWSTR pszIpsecRootContainer = NULL;
HKEY hRegistryKey = NULL;
LPWSTR pszTempFileName = NULL;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
DWORD dwDisposition = 0;
pszIpsecRootContainer = AllocPolStr(gpszIpsecFileRootContainer);
if (!pszIpsecRootContainer) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
if (!pszMachineName || !*pszMachineName) {
dwError = RegCreateKeyExW(
HKEY_LOCAL_MACHINE,
(LPCWSTR) gpszIpsecFileRootContainer,
0,
NULL,
0,
KEY_ALL_ACCESS,
NULL,
&hRegistryKey,
&dwDisposition
);
BAIL_ON_WIN32_ERROR(dwError);
}
else {
dwError = ERROR_INVALID_DATA;
BAIL_ON_WIN32_ERROR(dwError);
}
if (!pszFileName || !*pszFileName) {
dwError = ERROR_INVALID_DATA;
BAIL_ON_WIN32_ERROR(dwError);
}
pszTempFileName = AllocPolStr(pszFileName);
if (!pszTempFileName) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
pPolicyStore = (PIPSEC_POLICY_STORE)AllocPolMem(
sizeof(IPSEC_POLICY_STORE)
);
if (!pPolicyStore) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
pPolicyStore->dwProvider = IPSEC_FILE_PROVIDER;
pPolicyStore->hParentRegistryKey = NULL;
pPolicyStore->hRegistryKey = hRegistryKey;
pPolicyStore->pszLocationName = NULL;
pPolicyStore->hLdapBindHandle = NULL;
pPolicyStore->pszIpsecRootContainer = pszIpsecRootContainer;
pPolicyStore->pszFileName = pszTempFileName;
*phPolicyStore = pPolicyStore;
return(dwError);
error:
if (pszIpsecRootContainer) {
FreePolStr(pszIpsecRootContainer);
}
if (hRegistryKey) {
RegCloseKey(hRegistryKey);
}
if (pszTempFileName) {
FreePolStr(pszTempFileName);
}
*phPolicyStore = NULL;
return(dwError);
}
DWORD
IPSecClosePolicyStore(
HANDLE hPolicyStore
)
{
DWORD dwError = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
if (pPolicyStore->hRegistryKey) {
dwError = RegCloseKey(
pPolicyStore->hRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
}
if (pPolicyStore->hParentRegistryKey) {
dwError = RegCloseKey(
pPolicyStore->hParentRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
}
if (pPolicyStore->pszLocationName) {
FreePolStr(pPolicyStore->pszLocationName);
}
if (pPolicyStore->pszIpsecRootContainer) {
FreePolStr(pPolicyStore->pszIpsecRootContainer);
}
break;
case IPSEC_DIRECTORY_PROVIDER:
if (pPolicyStore->hLdapBindHandle) {
CloseDirectoryServerHandle(
pPolicyStore->hLdapBindHandle
);
}
if (pPolicyStore->pszIpsecRootContainer) {
FreePolStr(pPolicyStore->pszIpsecRootContainer);
}
break;
case IPSEC_FILE_PROVIDER:
if (pPolicyStore->hRegistryKey) {
dwError = RegCloseKey(
pPolicyStore->hRegistryKey
);
BAIL_ON_WIN32_ERROR(dwError);
}
if (pPolicyStore->pszIpsecRootContainer) {
FreePolStr(pPolicyStore->pszIpsecRootContainer);
}
if (pPolicyStore->pszFileName) {
FreePolStr(pPolicyStore->pszFileName);
}
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
break;
}
if (pPolicyStore) {
FreePolMem(pPolicyStore);
}
error:
return(dwError);
}
DWORD
IPSecAssignPolicy(
HANDLE hPolicyStore,
GUID PolicyGUID
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegAssignPolicy(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
PolicyGUID,
pPolicyStore->pszLocationName
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecUnassignPolicy(
HANDLE hPolicyStore,
GUID PolicyGUID
)
{
DWORD dwError = 0;
DWORD dwProvider = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegUnassignPolicy(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
PolicyGUID,
pPolicyStore->pszLocationName
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
ComputeDirLocationName(
LPWSTR pszDirDomainName,
LPWSTR * ppszDirFQPathName
)
{
DWORD dwError = 0;
WCHAR szName[MAX_PATH];
LPWSTR pszDotBegin = NULL;
LPWSTR pszDotEnd = NULL;
LPWSTR pszDirFQPathName = NULL;
LPWSTR pszDirName = NULL;
szName[0] = L'\0';
wcscpy(szName, L"CN=IP Security,CN=System");
pszDirName = AllocPolStr(pszDirDomainName);
if (!pszDirName) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
pszDotBegin = pszDirName;
pszDotEnd = wcschr(pszDirName, L'.');
if (!pszDotEnd) {
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
}
while (pszDotEnd) {
*pszDotEnd = L'\0';
wcscat(szName, L",DC=");
wcscat(szName, pszDotBegin);
*pszDotEnd = L'.';
pszDotEnd += 1;
pszDotBegin = pszDotEnd;
pszDotEnd = wcschr(pszDotEnd, L'.');
}
wcscat(szName, L",DC=");
wcscat(szName, pszDotBegin);
pszDirFQPathName = AllocPolStr(szName);
if (!pszDirFQPathName) {
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_WIN32_ERROR(dwError);
}
*ppszDirFQPathName = pszDirFQPathName;
cleanup:
if (pszDirName) {
FreePolStr(pszDirName);
}
return (dwError);
error:
*ppszDirFQPathName = NULL;
goto cleanup;
}
DWORD
IPSecGetAssignedPolicyData(
HANDLE hPolicyStore,
PIPSEC_POLICY_DATA * ppIpsecPolicyData
)
{
DWORD dwError = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE)hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegGetAssignedPolicyData(
(pPolicyStore->hRegistryKey),
pPolicyStore->pszIpsecRootContainer,
ppIpsecPolicyData
);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
return(dwError);
}
DWORD
IPSecExportPolicies(
HANDLE hSrcPolicyStore,
HANDLE hDesPolicyStore
)
{
DWORD dwError = 0;
PIPSEC_POLICY_STORE pSrcPolicyStore = NULL;
PIPSEC_POLICY_STORE pDesPolicyStore = NULL;
pSrcPolicyStore = (PIPSEC_POLICY_STORE) hSrcPolicyStore;
switch (pSrcPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
case IPSEC_DIRECTORY_PROVIDER:
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
break;
}
pDesPolicyStore = (PIPSEC_POLICY_STORE) hDesPolicyStore;
switch (pDesPolicyStore->dwProvider) {
case IPSEC_FILE_PROVIDER:
dwError = ExportPoliciesToFile(
hSrcPolicyStore,
hDesPolicyStore
);
BAIL_ON_WIN32_ERROR(dwError);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
break;
}
error:
return(dwError);
}
DWORD
IPSecImportPolicies(
HANDLE hSrcPolicyStore,
HANDLE hDesPolicyStore
)
{
DWORD dwError = 0;
PIPSEC_POLICY_STORE pSrcPolicyStore = NULL;
PIPSEC_POLICY_STORE pDesPolicyStore = NULL;
pSrcPolicyStore = (PIPSEC_POLICY_STORE) hSrcPolicyStore;
switch (pSrcPolicyStore->dwProvider) {
case IPSEC_FILE_PROVIDER:
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
break;
}
pDesPolicyStore = (PIPSEC_POLICY_STORE) hDesPolicyStore;
switch (pDesPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
case IPSEC_DIRECTORY_PROVIDER:
dwError = ImportPoliciesFromFile(
hSrcPolicyStore,
hDesPolicyStore
);
BAIL_ON_WIN32_ERROR(dwError);
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_WIN32_ERROR(dwError);
break;
}
error:
return(dwError);
}
DWORD
IPSecRestoreDefaultPolicies(
HANDLE hPolicyStore
)
{
DWORD dwError = 0;
PIPSEC_POLICY_STORE pPolicyStore = NULL;
pPolicyStore = (PIPSEC_POLICY_STORE) hPolicyStore;
switch (pPolicyStore->dwProvider) {
case IPSEC_REGISTRY_PROVIDER:
dwError = RegRestoreDefaults(
hPolicyStore,
pPolicyStore->hRegistryKey,
pPolicyStore->pszIpsecRootContainer,
pPolicyStore->pszLocationName
);
BAIL_ON_WIN32_ERROR(dwError);
break;
case IPSEC_DIRECTORY_PROVIDER:
dwError = ERROR_INVALID_PARAMETER;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
error:
return(dwError);
}