DWORD
VmAfdConnectLdapWithMachineAccount(
LDAP** ppLotus
)
{
DWORD dwError = 0;
LDAP* pLotus = NULL;
PSTR pszUpn = NULL;
PVMAFD_REG_ARG pArgs = NULL;
PWSTR pwszDCName = NULL;
PSTR pszDCName = NULL;
dwError = VmAfdGetMachineInfo(&pArgs);
BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);
dwError = VmAfSrvGetAffinitizedDC(&pwszDCName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringAFromW(pwszDCName, &pszDCName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringPrintf(
&pszUpn,
"%s@%s",
pArgs->pszAccount,
pArgs->pszDomain);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdLDAPConnect(
pszDCName,
LDAP_PORT,
pszUpn,
pArgs->pszPassword,
&pLotus);
BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);
*ppLotus = pLotus;
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszUpn);
VMAFD_SAFE_FREE_STRINGA(pszDCName);
VMAFD_SAFE_FREE_STRINGW(pwszDCName);
VmAfdFreeRegArgs(pArgs);
return dwError;
error:
if (pLotus)
{
VmAfdLdapClose(pLotus);
}
goto cleanup;
}
static
DWORD
VmAfdGetDbPath(
PSTR *ppszDbPath
)
{
DWORD dwError = 0;
PSTR pszDbBasePath = NULL;
PSTR pszDbPath = NULL;
DWORD dwPathLength = 0;
dwError = VecsSrvGetDBBasePath(
&pszDbBasePath
);
BAIL_ON_VMAFD_ERROR (dwError);
dwPathLength = VmAfdStringLenA(pszDbBasePath) +
VmAfdStringLenA(VMAFD_CERT_DB_FILE) + 1;
dwError = VmAfdAllocateMemory(
dwPathLength,
(PVOID *)&pszDbPath
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdStringPrintFA(
pszDbPath,
dwPathLength,
"%s%s",
pszDbBasePath,
VMAFD_CERT_DB_FILE
);
BAIL_ON_VMAFD_ERROR (dwError);
*ppszDbPath = pszDbPath;
cleanup:
VMAFD_SAFE_FREE_STRINGA (pszDbBasePath);
return dwError;
error:
if (ppszDbPath)
{
*ppszDbPath = NULL;
}
VMAFD_SAFE_FREE_STRINGA (pszDbPath);
goto cleanup;
}
static
VOID
VmAfdMoveOldDbFile(
VOID
)
{
DWORD dwError = 0;
PSTR pszDbPath = NULL;
PSTR pszDbOldPath = NULL;
BOOLEAN bOldFileExists = FALSE;
BOOLEAN bNewFieExists = FALSE;
dwError = VmAfdAllocateStringA(
VMAFD_CERT_DB,
&pszDbPath
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdAllocateStringA(
VMAFD_OLD_CERT_DB,
&pszDbOldPath
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdFileExists(pszDbOldPath,&bOldFileExists);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdFileExists(pszDbPath, &bNewFieExists);
BAIL_ON_VMAFD_ERROR(dwError);
if (bOldFileExists && !bNewFieExists)
{
dwError = VmAfdCopyFile(pszDbOldPath, pszDbPath);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdDeleteFile(pszDbOldPath);
BAIL_ON_VMAFD_ERROR(dwError);
}
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszDbOldPath);
VMAFD_SAFE_FREE_STRINGA(pszDbPath);
return;
error:
goto cleanup;
}
BOOLEAN
VmAfdSrvIsValidGUID(
PCWSTR pwszGUID
)
{
DWORD dwError = 0;
BOOLEAN bResult = FALSE;
PSTR pszGUID = NULL;
if (!IsNullOrEmptyString(pwszGUID))
{
unsigned32 status = 0;
dce_uuid_t uuid;
dwError = VmAfdAllocateStringAFromW(pwszGUID, &pszGUID);
BAIL_ON_VMAFD_ERROR(dwError);
dce_uuid_from_string(pszGUID, &uuid, &status);
bResult = (status == uuid_s_ok);
}
error:
VMAFD_SAFE_FREE_STRINGA(pszGUID);
return bResult;
}
static
DWORD
VmAfdGetDbPath(
PSTR *ppszDbPath
)
{
DWORD dwError = 0;
PSTR pszDbPath = NULL;
VmAfdMoveOldDbFile();
dwError = VmAfdAllocateStringA(
VMAFD_CERT_DB,
&pszDbPath
);
BAIL_ON_VMAFD_ERROR (dwError);
*ppszDbPath = pszDbPath;
cleanup:
return dwError;
error:
if (ppszDbPath)
{
*ppszDbPath = NULL;
}
VMAFD_SAFE_FREE_STRINGA (pszDbPath);
goto cleanup;
}
static
DWORD
VmAfdCliGetLSLocation(
PVM_AFD_CLI_CONTEXT pContext
)
{
DWORD dwError = 0;
PSTR pszLSLocation = NULL;
if (!pContext)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdGetLSLocationA(
pContext->pszServerName,
&pszLSLocation);
BAIL_ON_VMAFD_ERROR(dwError);
printf("%s\n", pszLSLocation);
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszLSLocation);
return dwError;
error:
goto cleanup;
}
static
DWORD
VmAfdAllocateSidFromGid(
gid_t gid,
PSID *ppSid)
{
DWORD dwError = 0;
PSID pSid = NULL;
PSTR pszSid = NULL;
dwError = VmAfdAllocateStringPrintf(
&pszSid,
"S-1-22-2-%d", /* Unix gid SID string */
gid);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateSidFromCString(
&pSid,
pszSid);
BAIL_ON_VMAFD_ERROR(dwError);
*ppSid = pSid;
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszSid);
return dwError;
error:
goto cleanup;
}
static
DWORD
VmAfdAllocateSidFromUid(
uid_t uid,
PSID *ppSid)
{
DWORD dwError = 0;
NTSTATUS ntStatus = 0;
PSID pSid = NULL;
PSTR pszSid = NULL;
dwError = VmAfdAllocateStringPrintf(
&pszSid,
"S-1-22-1-%d", /* Unix uid SID string */
uid);
BAIL_ON_VMAFD_ERROR(dwError);
ntStatus = RtlAllocateSidFromCString(
&pSid,
pszSid);
dwError = LwNtStatusToWin32Error(ntStatus);
BAIL_ON_VMAFD_ERROR(dwError);
*ppSid = pSid;
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszSid);
return dwError;
error:
goto cleanup;
}
static
DWORD
VmDdnsMakeZone(
PSTR pszZone,
PVMAFD_MESSAGE_BUFFER pBuffer
)
{
DWORD dwError = 0;
DWORD stringLength = 0;
PSTR psLabelZone = NULL;
if( !pszZone || !pBuffer)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmDdnsConstructName(
pszZone,
&psLabelZone,
&stringLength
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdWriteStringToBuffer(
psLabelZone,
stringLength,
pBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdWriteUINT16ToBuffer(
VMDDNS_TYPE_SOA,
pBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdWriteUINT16ToBuffer(
VMDDNS_CLASS_INTERNET,
pBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_STRINGA(psLabelZone);
return dwError;
error:
goto cleanup;
}
static
void
PrintError(
DWORD dwError
)
{
PSTR pszErrorMsg = NULL;
if (!VmAfdGetErrorString(dwError, &pszErrorMsg))
{
fprintf(stderr, "vecs-cli failed. Error %u: %s \n", dwError, pszErrorMsg);
}
else
{
fprintf(stderr, "vecs-cli failed with error %u\n", dwError);
}
VMAFD_SAFE_FREE_STRINGA(pszErrorMsg);
}
static
DWORD
InitializeDatabase(
VOID
)
{
DWORD dwError = 0 ;
PSTR pszDbPath = NULL;
dwError = VmAfdGetDbPath(&pszDbPath);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VecsDbInitialize(pszDbPath);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = CdcDbInitialize(pszDbPath);
BAIL_ON_VMAFD_ERROR(dwError);
error :
VMAFD_SAFE_FREE_STRINGA (pszDbPath);
return dwError;
}
int _tmain(int argc, _TCHAR* targv[])
#endif
{
DWORD dwError = 0;
int retCode = 0;
PCSTR pszErrorMsg = NULL;
PSTR pszErrorDesc = NULL;
#ifdef _WIN32
char** allocArgv = NULL;
PSTR* argv = NULL;
#ifdef UNICODE
dwError = VmAfdAllocateArgsAFromArgsW( argc, targv, &allocArgv );
BAIL_ON_VMAFD_ERROR(dwError);
argv = allocArgv;
#else /* ifndef UNICODE */
argv = targv; // non-unicode => targv is char
#endif /* ifdef UNICODE */
#else /* ifndef _WIN32 */
setlocale(LC_ALL, "");
#endif /* ifdef _WIN32 */
dwError = ProcessArgs(argc, argv);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszErrorDesc);
return dwError;
error:
switch (dwError)
{
case ERROR_CANNOT_CONNECT_VMAFD:
retCode = 20;
pszErrorMsg = "Could not connect to the local service VMware AFD.\nVerify VMware AFD is running.";
break;
case VMDIR_ERROR_CANNOT_CONNECT_VMDIR:
retCode = 21;
pszErrorMsg = "Could not connect to the local service VMware Directory Service.\nVerify VMware Directory Service is running.";
break;
case ERROR_INVALID_CONFIGURATION:
retCode = 22;
pszErrorMsg = "Configuration is not correct.\nFirst boot scripts need to be executed.";
break;
case VMDIR_ERROR_SERVER_DOWN:
retCode = 23;
pszErrorMsg = "Could not connect to VMware Directory Service via LDAP.\nVerify VMware Directory Service is running on the appropriate system and is reachable from this host.";
break;
case VMDIR_ERROR_USER_INVALID_CREDENTIAL:
retCode = 24;
pszErrorMsg = "Authentication to VMware Directory Service failed.\nVerify the username and password.";
break;
case ERROR_ACCESS_DENIED:
retCode = 25;
pszErrorMsg = "Authorization failed.\nVerify account has proper administrative privileges.";
break;
case ERROR_INVALID_DOMAINNAME:
retCode = 26;
pszErrorMsg = "Failed to join the domain.\nThe domain name specified is invalid.";
break;
case ERROR_NO_SUCH_DOMAIN:
retCode = 27;
pszErrorMsg = "Failed to join the domain.\nA domain controller for the domain could not be located. Verify the DNS settings pertaining to this domain name.";
break;
case ERROR_PASSWORD_RESTRICTION:
retCode = 28;
pszErrorMsg = "Failed to join the domain.\nA required password was not specified or did not match complexity requirements.";
break;
case ERROR_HOST_DOWN:
retCode = 29;
pszErrorMsg = "Failed to join the domain.\nThe required service on the domain controller is unreachable.";
break;
default:
retCode = 1;
}
if (retCode != 1)
{
fprintf(
stderr,
"domain-join failed, error= %s %u\n",
pszErrorMsg,
dwError);
}
else
{
if (!VmAfdGetErrorString(dwError, &pszErrorDesc))
{
fprintf(stderr, "domain-join failed. Error %u: %s \n", dwError, pszErrorDesc);
}
else
{
fprintf(stderr, "domain-join failed with error: %u\n", dwError);
}
}
goto cleanup;
}
DWORD
VmAfdRestPasswordRefresh(
PCSTR pszServer,
PCSTR pszDomain,
PCSTR pszUser,
PCSTR pszPass,
BOOLEAN bForce,
BOOLEAN bInsecure,
PSTR *ppszNewPass
)
{
DWORD dwError = 0;
PSTR pszToken = NULL;
PSTR pszNewPass = NULL;
PSTR pszUrl = NULL;
PVM_HTTP_CLIENT pHttpClient = NULL;
PSTR pszParamString = NULL;
PCSTR pszResult = NULL;
PWSTR pwszCAPath = NULL;
PSTR pszCAPath = NULL;
if (IsNullOrEmptyString(pszServer) ||
IsNullOrEmptyString(pszDomain) ||
IsNullOrEmptyString(pszUser) ||
IsNullOrEmptyString(pszPass) ||
!ppszNewPass)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
if (bInsecure)
{
pszCAPath = NULL;
}
else
{
dwError = VmAfSrvGetCAPath(&pwszCAPath);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringAFromW(pwszCAPath, &pszCAPath);
BAIL_ON_VMAFD_ERROR(dwError);
}
/* acquire token */
dwError = VmAfdAcquireOIDCToken(
pszServer,
pszDomain,
pszUser,
pszPass,
pszCAPath,
VMAFD_OIDC_VMDIR_SCOPE,
&pszToken);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringPrintf(
&pszParamString,
"?force=%s",
bForce?"true":"false");
BAIL_ON_VMAFD_ERROR(dwError);
/* make rest url */
dwError = VmFormatUrl(
"https",
pszServer,
VMDIR_REST_API_HTTPS_PORT,
VMDIR_REST_API_BASE"/"VMDIR_REST_API_PASSWORD_REFRESH_CMD,
pszParamString,
&pszUrl);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmHttpClientInit(&pHttpClient, pszCAPath);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmHttpClientSetToken(pHttpClient,
VMHTTP_TOKEN_TYPE_BEARER,
pszToken);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmHttpClientPerform(pHttpClient, VMHTTP_METHOD_POST, pszUrl);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmHttpClientGetResult(pHttpClient, &pszResult);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = _VmAfdGetHttpResultPassword(pszResult, &pszNewPass);
BAIL_ON_VMAFD_ERROR(dwError);
/* pszPassword could be NULL if force is not set or not aged */
/* caller handles this scenario */
*ppszNewPass = pszNewPass;
cleanup:
VmHttpClientFreeHandle(pHttpClient);
VMAFD_SAFE_FREE_MEMORY(pszCAPath);
VMAFD_SAFE_FREE_MEMORY(pwszCAPath);
VMAFD_SAFE_FREE_STRINGA(pszParamString);
VMAFD_SAFE_FREE_STRINGA(pszUrl);
VMAFD_SAFE_FREE_STRINGA(pszToken);
return dwError;
error:
VMAFD_SAFE_FREE_STRINGA(pszNewPass);
goto cleanup;
}
DWORD
VmDdnsUpdateMakePacket(
PSTR pszZone,
PSTR pszHostname,
PSTR pszName,
PSTR* ppDnsPacket,
DWORD* ppacketSize,
DWORD headerId,
DWORD dwFlag
)
{
PSTR pLabelName = NULL;
PSTR fqdn = NULL;
DWORD dwError = 0;
DWORD labelLength = 0;
DWORD packetSize = 0;
DWORD upCount = 2;
VMDNS_IP4_ADDRESS* pV4Address = NULL;
VMDNS_IP6_ADDRESS* pV6Address = NULL;
PVMAFD_MESSAGE_BUFFER pDnsBuffer = NULL;
PSTR pDnsPacket = NULL;
if(!pszZone || !pszName || !pszHostname || !ppDnsPacket || !ppacketSize)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateStringPrintf(
&fqdn,
"%s.%s",
pszName,
pszZone
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmDdnsConstructName(
fqdn,
&pLabelName,
&labelLength
);
BAIL_ON_VMAFD_ERROR(dwError);
//Add updated records
if(dwFlag == VMDDNS_UPDATE_PACKET)
{
dwError = VmDdnsGetSourceIp(
&pV4Address,
&pV6Address
);
BAIL_ON_VMAFD_ERROR(dwError);
upCount++;
}
dwError = VmAfdAllocateBufferStream(
0,
&pDnsBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmDdnsMakeUpdateHeader(
pDnsBuffer,
headerId,
upCount
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmDdnsMakeZone(
pszZone,
pDnsBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
//Delete all A records
dwError = VmDdnsMakeDeleteRR(
VMDDNS_TYPE_A,
pLabelName,
labelLength,
pDnsBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
//Delete all AAAA records
dwError = VmDdnsMakeDeleteRR(
VMDDNS_TYPE_AAAA,
pLabelName,
labelLength,
pDnsBuffer
);
BAIL_ON_VMAFD_ERROR(dwError);
if(dwFlag == VMDDNS_UPDATE_PACKET)
{
//Add A records
if(pV4Address)
{
dwError = VmDdnsMakeUpdateRR(
VMDDNS_TYPE_A,
pLabelName,
labelLength,
pDnsBuffer,
pV4Address,
NULL
);
BAIL_ON_VMAFD_ERROR(dwError);
}
else
{
dwError = VmDdnsMakeUpdateRR(
VMDDNS_TYPE_AAAA,
pLabelName,
labelLength,
pDnsBuffer,
NULL,
pV6Address
);
BAIL_ON_VMAFD_ERROR(dwError);
}
}
dwError = VmAfdCopyBufferFromBufferStream(
pDnsBuffer,
NULL,
&packetSize
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateMemory(
packetSize,
(PVOID)&pDnsPacket
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdCopyBufferFromBufferStream(
pDnsBuffer,
pDnsPacket,
&packetSize
);
BAIL_ON_VMAFD_ERROR(dwError);
*ppDnsPacket = pDnsPacket;
*ppacketSize = packetSize;
cleanup:
VMAFD_SAFE_FREE_MEMORY(pV4Address);
VMAFD_SAFE_FREE_MEMORY(pV6Address);
VmAfdFreeBufferStream(pDnsBuffer);
VMAFD_SAFE_FREE_STRINGA(pLabelName);
VMAFD_SAFE_FREE_STRINGA(fqdn);
return dwError;
error:
if(pDnsPacket)
{
VMAFD_SAFE_FREE_STRINGA(pDnsPacket);
}
if(ppDnsPacket)
{
*ppDnsPacket = NULL;
}
goto cleanup;
}
static
DWORD
VmDdnsConstructName(
PSTR pInputString,
PSTR* ppOutString,
DWORD* pStringLength
)
{
PSTR pszTempString = NULL;
PSTR pszTempStringTwo = NULL;
DWORD labelLength = 0;
DWORD inputPos = 0;
DWORD outLength = 0;
DWORD dwError = 0;
if(!pInputString || !ppOutString || !pStringLength)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(
512,
(PVOID *)&pszTempString
);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateMemory(
64,
(PVOID *)&pszTempStringTwo
);
BAIL_ON_VMAFD_ERROR(dwError);
do
{
while(pInputString[inputPos] != '.' && pInputString[inputPos])
{
pszTempStringTwo[labelLength] = pInputString[inputPos];
labelLength++;
inputPos++;
}
//copy the length
pszTempString[outLength] = (BYTE)labelLength;
outLength++;
if(pInputString[inputPos] == '.')
{
inputPos++;
}
dwError = VmAfdCopyMemory(
(pszTempString + outLength),
outLength,
pszTempStringTwo,
(size_t)labelLength
);
BAIL_ON_VMAFD_ERROR(dwError);
outLength += labelLength;
labelLength = 0;
} while(pInputString[inputPos]);
*ppOutString = pszTempString;
*pStringLength = outLength;
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszTempStringTwo);
return dwError;
error:
if(ppOutString)
{
VMAFD_SAFE_FREE_STRINGA(*ppOutString);
ppOutString = NULL;
}
goto cleanup;
}
static
DWORD
VecsCliExecEntryRequest(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
PSTR pszStoreName = NULL;
PSTR pszPassword = NULL;
PSTR pszAlias = NULL;
PSTR pszCertFilePath = NULL;
PSTR pszKeyFilePath = NULL;
PSTR pszOutputFilePath = NULL;
PSTR pszServerName = NULL;
PSTR pszUPN = NULL;
PSTR pszLotusPassword = NULL;
DWORD dwFormatAsText = 0;
DWORD idx = 0;
DWORD dwAliasesOnly = 0;
DWORD dwForceDelete = 0;
VECS_COMMAND command = VECS_COMMAND_UNKNOWN;
typedef enum
{
PARSE_MODE_OPEN = 0,
PARSE_MODE_CREATE,
PARSE_MODE_LIST,
PARSE_MODE_GET_ENTRY,
PARSE_MODE_DELETE
} PARSE_MODE;
typedef enum
{
PARSE_SUB_MODE_OPEN = 0,
PARSE_SUB_MODE_NAME,
PARSE_SUB_MODE_ALIAS,
PARSE_SUB_MODE_CERT_PATH,
PARSE_SUB_MODE_KEY_PATH,
PARSE_SUB_MODE_SERVER,
PARSE_SUB_MODE_UPN
} PARSE_SUB_MODE;
PARSE_MODE mode = PARSE_MODE_OPEN;
PARSE_SUB_MODE submode = PARSE_SUB_MODE_OPEN;
PVMAFD_SERVER pServer = NULL;
if (!argc)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
for (; idx < argc; idx++)
{
PSTR pszArg = argv[idx];
switch (mode)
{
case PARSE_MODE_OPEN:
if (!strcmp(pszArg, "create"))
{
command = VECS_COMMAND_ENTRY_CREATE;
mode = PARSE_MODE_CREATE;
}
else if (!strcmp(pszArg, "list"))
{
command = VECS_COMMAND_ENTRY_LIST;
mode = PARSE_MODE_LIST;
}
else if (!strcmp(pszArg, "delete"))
{
command = VECS_COMMAND_ENTRY_DELETE;
mode = PARSE_MODE_DELETE;
}
else if (!strcmp(pszArg, "getcert"))
{
command = VECS_COMMAND_ENTRY_GETCERT;
mode = PARSE_MODE_GET_ENTRY;
}
else if (!strcmp(pszArg, "getkey"))
{
command = VECS_COMMAND_ENTRY_GETKEY;
mode = PARSE_MODE_GET_ENTRY;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_MODE_CREATE:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--store"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--alias"))
{
submode = PARSE_SUB_MODE_ALIAS;
}
else if (!strcmp(pszArg, "--cert"))
{
submode = PARSE_SUB_MODE_CERT_PATH;
}
else if (!strcmp(pszArg, "--key"))
{
submode = PARSE_SUB_MODE_KEY_PATH;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_NAME:
if (!pszStoreName)
{
pszStoreName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_ALIAS:
if (!pszAlias)
{
pszAlias = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_CERT_PATH:
if (!pszCertFilePath)
{
pszCertFilePath = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_KEY_PATH:
if (!pszKeyFilePath)
{
pszKeyFilePath = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
break;
case PARSE_MODE_LIST:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--store"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--text"))
{
dwFormatAsText = 1;
submode = PARSE_SUB_MODE_OPEN;
}
else if (!strcmp(pszArg, "--aliases"))
{
dwAliasesOnly = 1;
submode = PARSE_SUB_MODE_OPEN;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_SUB_MODE_NAME:
if (!pszStoreName)
{
pszStoreName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
break;
case PARSE_MODE_GET_ENTRY:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--store"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if(!strcmp(pszArg, "--alias"))
{
submode = PARSE_SUB_MODE_ALIAS;
}
else if(!strcmp(pszArg, "--output"))
{
submode = PARSE_SUB_MODE_CERT_PATH;
}
else if(!strcmp(pszArg, "--text"))
{
submode = PARSE_SUB_MODE_OPEN;
dwFormatAsText = 1;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_NAME:
if (!pszStoreName)
{
pszStoreName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_ALIAS:
if (!pszAlias)
{
pszAlias = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_CERT_PATH:
if (!pszOutputFilePath)
{
pszOutputFilePath = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_MODE_DELETE:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--store"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--alias"))
{
submode = PARSE_SUB_MODE_ALIAS;
}
else if (!strcmp(pszArg, "-y"))
{
dwForceDelete = 1;
submode = PARSE_SUB_MODE_OPEN;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_NAME:
if (!pszStoreName)
{
pszStoreName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_ALIAS:
if (!pszAlias)
{
pszAlias = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
break;
}
}
if (submode != PARSE_SUB_MODE_OPEN)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
if (IsNullOrEmptyString(pszServerName) ^
IsNullOrEmptyString(pszUPN)
)
{
dwError = ERROR_INVALID_STATE;
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Error: You have to provide both server and upn \n"
);
}
if (!IsNullOrEmptyString(pszServerName))
{
fprintf (
stdout,
"Enter password:\t"
);
dwError = GetPassword(&pszLotusPassword);
BAIL_ON_VECS_CLI_ERROR(
dwError,
"Failed to get password from user \n"
);
fprintf (stdout, "\n");
}
dwError = VmAfdOpenServerA(
pszServerName,
pszUPN,
pszLotusPassword,
&pServer);
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Failed to establish connection to remote server \n"
);
switch (command)
{
case VECS_COMMAND_ENTRY_CREATE:
dwError = VecsCliAddEntryA(
pServer,
pszStoreName,
pszPassword,
pszAlias,
pszCertFilePath,
pszKeyFilePath
);
break;
case VECS_COMMAND_ENTRY_LIST:
dwError = VecsCliListEntriesA(
pServer,
pszStoreName,
pszPassword,
dwFormatAsText,
dwAliasesOnly
);
break;
case VECS_COMMAND_ENTRY_GETCERT:
dwError = VecsCliGetCertificateA(
pServer,
pszStoreName,
pszPassword,
pszAlias,
pszOutputFilePath,
dwFormatAsText
);
break;
case VECS_COMMAND_ENTRY_GETKEY:
dwError = VecsCliGetKeyA(
pServer,
pszStoreName,
pszPassword,
pszAlias,
pszOutputFilePath,
dwFormatAsText
);
break;
case VECS_COMMAND_ENTRY_DELETE:
if (!dwForceDelete)
{
char input = 0;
fprintf (stdout,
"Warning: This operation will delete entry [%s] from store [%s]\n"
"Do you wish to continue? Y/N [N] \n",
pszAlias,
pszStoreName
);
scanf (
"%c",
&input
);
if (input == 'Y' || input == 'y')
{
dwForceDelete = 1;
}
}
if (dwForceDelete)
{
dwError = VecsCliDeleteEntryA(
pServer,
pszStoreName,
pszPassword,
pszAlias
);
}
break;
default:
dwError = ERROR_INVALID_STATE;
break;
}
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszLotusPassword);
if (pServer)
{
VmAfdCloseServer(pServer);
}
return dwError;
error:
goto cleanup;
}
static
DWORD
VecsCliExecStoreRequest(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
PSTR pszStoreName = NULL;
PSTR pszPassword = NULL;
PSTR pszUserName = NULL;
PSTR pszServerName = NULL;
PSTR pszUPN = NULL;
PSTR pszLotusPassword = NULL;
DWORD idx = 0;
DWORD dwForceDelete = 0;
DWORD dwAccessMask = 0;
VECS_COMMAND command = VECS_COMMAND_UNKNOWN;
VECS_PERMISSION_MODE permMode = VECS_PERMISSION_MODE_UNKNOWN;
typedef enum
{
PARSE_MODE_OPEN = 0,
PARSE_MODE_CREATE,
PARSE_MODE_DELETE,
PARSE_MODE_LIST,
PARSE_MODE_PERMISSIONS,
PARSE_MODE_GET_PERMISSIONS
} PARSE_MODE;
typedef enum
{
PARSE_SUB_MODE_OPEN = 0,
PARSE_SUB_MODE_NAME,
PARSE_SUB_MODE_PASSWORD,
PARSE_SUB_MODE_USER,
PARSE_SUB_MODE_MASK,
PARSE_SUB_MODE_SERVER,
PARSE_SUB_MODE_UPN
} PARSE_SUB_MODE;
PARSE_MODE mode = PARSE_MODE_OPEN;
PARSE_SUB_MODE submode = PARSE_SUB_MODE_OPEN;
PVMAFD_SERVER pServer = NULL;
if (!argc)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
for (; idx < argc; idx++)
{
PSTR pszArg = argv[idx];
switch (mode)
{
case PARSE_MODE_OPEN:
if (!strcmp(pszArg, "create"))
{
command = VECS_COMMAND_STORE_CREATE;
mode = PARSE_MODE_CREATE;
}
else if (!strcmp(pszArg, "list"))
{
command = VECS_COMMAND_STORE_LIST;
mode = PARSE_MODE_LIST;
}
else if (!strcmp(pszArg, "delete"))
{
command = VECS_COMMAND_STORE_DELETE;
mode = PARSE_MODE_DELETE;
}
else if (!strcmp(pszArg, "permission"))
{
command = VECS_COMMAND_STORE_PERMISSION;
mode = PARSE_MODE_PERMISSIONS;
}
else if (!strcmp(pszArg, "get-permissions"))
{
command = VECS_COMMAND_STORE_GET_PERMISSIONS;
mode = PARSE_MODE_GET_PERMISSIONS;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_MODE_CREATE:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--name"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_SUB_MODE_NAME:
pszStoreName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
pszServerName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
pszUPN = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
break;
case PARSE_MODE_DELETE:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--name"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "-y"))
{
dwForceDelete = 1;
submode = PARSE_SUB_MODE_OPEN;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_SUB_MODE_NAME:
pszStoreName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
pszServerName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
pszUPN = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
break;
case PARSE_MODE_LIST:
switch(submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
break;
case PARSE_MODE_PERMISSIONS:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--name"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--grant"))
{
if (permMode != VECS_PERMISSION_MODE_UNKNOWN)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
permMode = VECS_PERMISSION_MODE_GRANT;
submode = PARSE_SUB_MODE_MASK;
}
else if (!strcmp(pszArg, "--revoke"))
{
if (permMode != VECS_PERMISSION_MODE_UNKNOWN)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
permMode = VECS_PERMISSION_MODE_REVOKE;
submode = PARSE_SUB_MODE_MASK;
}
else if (!strcmp (pszArg, "--user"))
{
submode = PARSE_SUB_MODE_USER;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_NAME:
if (!pszStoreName)
{
pszStoreName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_MASK:
if (!strcmp(pszArg, "read"))
{
dwAccessMask = dwAccessMask |
READ_STORE;
}
else if (!strcmp (pszArg, "write"))
{
dwAccessMask = dwAccessMask |
WRITE_STORE;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_USER:
if (!pszUserName)
{
pszUserName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
break;
case PARSE_MODE_GET_PERMISSIONS:
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--name"))
{
submode = PARSE_SUB_MODE_NAME;
}
else if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_SUB_MODE_NAME:
pszStoreName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_SERVER:
pszServerName = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
pszUPN = pszArg;
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
break;
}
}
if (IsNullOrEmptyString(pszServerName) ^
IsNullOrEmptyString(pszUPN)
)
{
dwError = ERROR_INVALID_STATE;
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Error: You have to provide both server and upn \n"
);
}
if (!IsNullOrEmptyString(pszServerName))
{
fprintf (
stdout,
"Enter password:\t"
);
dwError = GetPassword(&pszLotusPassword);
BAIL_ON_VECS_CLI_ERROR(
dwError,
"Failed to get password from user \n"
);
fprintf (stdout, "\n");
}
dwError = VmAfdOpenServerA(
pszServerName,
pszUPN,
pszLotusPassword,
&pServer);
BAIL_ON_VECS_CLI_ERROR(
dwError,
"Failed to establish connection to remote server \n"
);
switch (command)
{
case VECS_COMMAND_STORE_CREATE:
dwError = VecsCliCreateStoreA(pServer, pszStoreName);
break;
case VECS_COMMAND_STORE_LIST:
dwError = VecsCliListStoreA(pServer);
break;
case VECS_COMMAND_STORE_DELETE:
if (!dwForceDelete)
{
char input = 0;
fprintf (stdout,
"Warning: This operation will delete store [%s]\n"
"Do you wish to continue? Y/N [N] \n",
pszStoreName
);
scanf (
"%c",
&input
);
if (input == 'Y' || input == 'y')
{
dwForceDelete = 1;
}
}
if (dwForceDelete)
{
dwError = VecsCliDeleteStoreA(pServer, pszStoreName, pszPassword);
}
break;
case VECS_COMMAND_STORE_PERMISSION:
dwError = VecsCliSetPermissionA (
pszStoreName,
pszUserName,
permMode,
dwAccessMask
);
break;
case VECS_COMMAND_STORE_GET_PERMISSIONS:
dwError = VecsCliGetPermissionsA (
pServer,
pszStoreName
);
break;
default:
dwError = ERROR_INVALID_STATE;
break;
}
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszLotusPassword);
if (pServer)
{
VmAfdCloseServer(pServer);
}
return dwError;
error:
goto cleanup;
}
static
DWORD
VecsCliTriggerRefreshThread(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
PSTR pszServerName = NULL;
PSTR pszUPN = NULL;
PSTR pszLotusPassword = NULL;
DWORD idx = 0;
typedef enum
{
PARSE_SUB_MODE_OPEN = 0,
PARSE_SUB_MODE_SERVER,
PARSE_SUB_MODE_UPN
} PARSE_SUB_MODE;
PARSE_SUB_MODE submode = PARSE_SUB_MODE_OPEN;
for (; idx < argc; idx++)
{
PSTR pszArg = argv[idx];
switch (submode)
{
case PARSE_SUB_MODE_OPEN:
if (!strcmp(pszArg, "--server"))
{
submode = PARSE_SUB_MODE_SERVER;
}
else if (!strcmp(pszArg, "--upn"))
{
submode = PARSE_SUB_MODE_UPN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
break;
case PARSE_SUB_MODE_SERVER:
if (!pszServerName)
{
pszServerName = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
case PARSE_SUB_MODE_UPN:
if (!pszUPN)
{
pszUPN = pszArg;
}
submode = PARSE_SUB_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
break;
}
}
if (submode != PARSE_SUB_MODE_OPEN)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
if (IsNullOrEmptyString(pszServerName) ^
IsNullOrEmptyString(pszUPN)
)
{
dwError = ERROR_INVALID_STATE;
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Error: You have to provide both server and upn \n"
);
}
if (!IsNullOrEmptyString(pszServerName))
{
fprintf (
stdout,
"Enter password:\t"
);
dwError = GetPassword(&pszLotusPassword);
BAIL_ON_VECS_CLI_ERROR(
dwError,
"Failed to get password from user \n"
);
fprintf (stdout, "\n");
}
dwError = VmAfdTriggerRootCertsRefresh(
pszServerName,
pszUPN,
pszLotusPassword);
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Failed to trigger root cert refresh \n"
);
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszLotusPassword);
return dwError;
error:
goto cleanup;
}
DWORD
VmAfSrvConfigureDNSA(
PCSTR pszServerName,
PCSTR pszDomainName,
PCSTR pszUserName,
PCSTR pszPassword
)
{
DWORD dwError = 0;
PSTR pszCanonicalServerName = NULL;
PVMDNS_SERVER_CONTEXT pServerContext = NULL;
VMDNS_IP4_ADDRESS* pV4Addresses = NULL;
DWORD numV4Address = 0;
PVMDNS_IP6_ADDRESS pV6Addresses = NULL;
DWORD numV6Address = 0;
VMDNS_INIT_INFO initInfo = {0};
dwError = VmAfSrvGetIPAddressesWrap(
&pV4Addresses,
&numV4Address,
&pV6Addresses,
&numV6Address);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfSrvGetLotusServerName(
pszServerName,
&pszCanonicalServerName);
BAIL_ON_VMAFD_ERROR(dwError);
VmAfdLog(
VMAFD_DEBUG_ANY,
"%s server name for dns init: %s",
__FUNCTION__,
pszCanonicalServerName);
initInfo.IpV4Addrs.Addrs = pV4Addresses;
initInfo.IpV4Addrs.dwCount = numV4Address;
initInfo.IpV6Addrs.Addrs = pV6Addresses;
initInfo.IpV6Addrs.dwCount = numV6Address;
initInfo.pszDcSrvName = pszCanonicalServerName;
initInfo.pszDomain = (PSTR)pszDomainName;
initInfo.wPort = VMDNS_DEFAULT_LDAP_PORT;
dwError = VmDnsOpenServerA(
"localhost", /* always promote with local DNS */
pszUserName,
pszDomainName,
pszPassword,
0,
NULL,
&pServerContext);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmDnsInitializeA(pServerContext, &initInfo);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
if (pServerContext)
{
VmDnsCloseServer(pServerContext);
}
VMAFD_SAFE_FREE_MEMORY(pV4Addresses);
VMAFD_SAFE_FREE_MEMORY(pV6Addresses);
VMAFD_SAFE_FREE_STRINGA(pszCanonicalServerName);
return dwError;
error:
VmAfdLog(
VMAFD_DEBUG_ANY,
"Failed to initialize DNS. Error(%u)",
dwError);
goto cleanup;
}
DWORD
VmAfdRegGetString(
PCSTR pszSubKey, /* IN */
PCSTR pszValueName, /* IN */
PWSTR* ppwszValue /* OUT */
)
{
DWORD dwError = 0;
PVMAF_CFG_CONNECTION pConnection = NULL;
PVMAF_CFG_KEY pRootKey = NULL;
PVMAF_CFG_KEY pParamsKey = NULL;
PSTR pszValue = NULL;
PWSTR pwszValue = NULL;
BAIL_ON_VMAFD_INVALID_POINTER(ppwszValue, dwError);
dwError = VmAfConfigOpenConnection(&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenRootKey(
pConnection,
"HKEY_LOCAL_MACHINE",
0,
KEY_READ,
&pRootKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenKey(
pConnection,
pRootKey,
pszSubKey,
0,
KEY_READ,
&pParamsKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigReadStringValue(
pParamsKey,
NULL,
pszValueName,
&pszValue);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringWFromA(pszValue, &pwszValue);
BAIL_ON_VMAFD_ERROR(dwError);
*ppwszValue = pwszValue;
cleanup:
if (pParamsKey)
{
VmAfConfigCloseKey(pParamsKey);
}
if (pRootKey)
{
VmAfConfigCloseKey(pRootKey);
}
if (pConnection)
{
VmAfConfigCloseConnection(pConnection);
}
VMAFD_SAFE_FREE_STRINGA(pszValue);
return dwError;
error:
if (ppwszValue)
{
*ppwszValue = NULL;
}
goto cleanup;
}
DWORD
VmAfdRegSetString(
PCSTR pszSubKeyParam, /* IN */
PCSTR pszValueName, /* IN */
PCWSTR pwszValue /* IN */
)
{
DWORD dwError = 0;
PVMAF_CFG_CONNECTION pConnection = NULL;
PVMAF_CFG_KEY pRootKey = NULL;
PVMAF_CFG_KEY pParamsKey = NULL;
PCSTR pszSubKey = pszSubKeyParam ? pszSubKeyParam : VMAFD_CONFIG_PARAMETER_KEY_PATH;
PSTR pszValue = NULL;
if (IsNullOrEmptyString(pszValueName) ||
IsNullOrEmptyString(pwszValue))
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfConfigOpenConnection(&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenRootKey(
pConnection,
"HKEY_LOCAL_MACHINE",
0,
KEY_READ,
&pRootKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenKey(
pConnection,
pRootKey,
pszSubKey,
0,
KEY_SET_VALUE,
&pParamsKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringAFromW(pwszValue, &pszValue);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigSetValue(
pParamsKey,
pszValueName,
REG_SZ,
(PBYTE)pszValue,
(DWORD)strlen(pszValue) + 1);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
if (pParamsKey)
{
VmAfConfigCloseKey(pParamsKey);
}
if (pRootKey)
{
VmAfConfigCloseKey(pRootKey);
}
if (pConnection)
{
VmAfConfigCloseConnection(pConnection);
}
VMAFD_SAFE_FREE_STRINGA(pszValue);
return dwError;
error:
goto cleanup;
}
/**
* To add log entry for PCDC_DC_INFO_W
**/
DWORD
VmAfdAddCDCSuperLogEntry(
PVMSUPERLOGGING pLogger,
UINT64 iStartTime,
UINT64 iEndTime,
PCDC_DC_INFO_W pDCEntry,
CDC_DC_STATE dwState,
DWORD dwErrorCode
)
{
PVMAFD_SUPERLOG_ENTRY pLogEntry = NULL;
DWORD dwError = 0;
PSTR pszDCName = NULL;
PSTR pszDomainName = NULL;
PSTR pszSiteName = NULL;
PSTR pszDCAddress = NULL;
// AFD should not fail if super logging is disabled. This is why returning 0 here
if (!VmAfdIsSuperLoggingEnabled(pLogger))
{
dwError = ERROR_NOT_READY;
BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);
}
if(!pDCEntry)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
pLogEntry = (PVMAFD_SUPERLOG_ENTRY)VmAfdCircularBufferGetNextEntry(pLogger->pCircularBuffer);
if(!pLogEntry)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
memset(pLogEntry, 0, sizeof(*pLogEntry));
pLogEntry->iStartTime = iStartTime;
pLogEntry->iEndTime = iEndTime;
pLogEntry->dwErrorCode = dwErrorCode;
pLogEntry->dwState = dwState;
if(pDCEntry && pDCEntry->pszDCName)
{
dwError = VmAfdAllocateStringAFromW(pDCEntry->pszDCName, &pszDCName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdStringCpyA((PSTR)pLogEntry->pszDCName, VMAFD_MAX_DN_LEN, pszDCName);
BAIL_ON_VMAFD_ERROR(dwError);
}
if(pDCEntry && pDCEntry->pszDomainName)
{
dwError = VmAfdAllocateStringAFromW(pDCEntry->pszDomainName, &pszDomainName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdStringCpyA((PSTR)pLogEntry->pszDomainName, VMAFD_MAX_DN_LEN, pszDomainName);
BAIL_ON_VMAFD_ERROR(dwError);
}
if(pDCEntry && pDCEntry->pszDcSiteName)
{
dwError = VmAfdAllocateStringAFromW(pDCEntry->pszDcSiteName, &pszSiteName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdStringCpyA((PSTR)pLogEntry->pszSiteName, VMAFD_MAX_DN_LEN, pszSiteName);
BAIL_ON_VMAFD_ERROR(dwError);
}
if(pDCEntry && pDCEntry->pszDCAddress)
{
dwError = VmAfdAllocateStringAFromW(pDCEntry->pszDCAddress, &pszDCAddress);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdStringCpyA((PSTR)pLogEntry->pszDCAddress, VMAFD_MAX_DN_LEN, pszDCAddress);
BAIL_ON_VMAFD_ERROR(dwError);
}
cleanup:
VMAFD_SAFE_FREE_STRINGA(pszDCName);
VMAFD_SAFE_FREE_STRINGA(pszDomainName);
VMAFD_SAFE_FREE_STRINGA(pszSiteName);
VMAFD_SAFE_FREE_STRINGA(pszDCAddress);
return dwError;
error:
goto cleanup;
}
