DWORD VmAfdParseArgs( int argc, char* argv[], int* pLoggingLevel, PBOOLEAN pbEnableSysLog, PBOOLEAN pbEnableConsole ) { DWORD dwError = ERROR_SUCCESS; int i = 1; // first arg is the <name of exe>.exe while( i < argc ) { if( VmAfdIsCmdLineOption( argv[i] ) != FALSE ) { if ( VmAfdStringCompareA( VMAFD_OPTION_LOGGING_LEVEL, argv[i], TRUE ) == 0 ) { dwError = VmAfdGetCmdLineIntOption( argc, argv, &i, pLoggingLevel ); BAIL_ON_VMAFD_ERROR(dwError); } else if ( VmAfdStringCompareA( VMAFD_OPTION_ENABLE_SYSLOG, argv[i], TRUE ) == 0 ) { if ( pbEnableSysLog != NULL ) { *pbEnableSysLog = TRUE; } } #ifdef _DEBUG else if ( VmAfdStringCompareA( VMAFD_OPTION_ENABLE_CONSOLE, argv[i], TRUE ) == 0 || VmAfdStringCompareA( VMAFD_OPTION_ENABLE_CONSOLE_LONG, argv[i], TRUE ) == 0 ) { if ( pbEnableConsole != NULL ) { *pbEnableConsole = TRUE; } } #endif else { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } } i++; } // while error: return dwError; }
static DWORD VmAfdCheckCertOnDisk( PCSTR pszAlias, PCSTR pszCAPath, PCSTR pszFilename, LONG maxIndex, PBOOLEAN pbCertOnDisk ) { DWORD dwError = 0; LONG index = 0; BOOLEAN bCertOnDisk = FALSE; PSTR pszPath = NULL; PSTR pszAliasOther = NULL; // Note : maxIndex starts from 0 for (; !bCertOnDisk && (index <= maxIndex); index++) { VMAFD_SAFE_FREE_MEMORY(pszPath); dwError = VmAfdAllocateStringPrintf( &pszPath, "%s%s%s.%ld", pszCAPath, VMAFD_PATH_SEPARATOR_STR, pszFilename, index); BAIL_ON_VMAFD_ERROR(dwError); VMAFD_SAFE_FREE_MEMORY(pszAliasOther); dwError = VecsComputeCertAliasFile(pszPath, &pszAliasOther); BAIL_ON_VMAFD_ERROR(dwError); if (!VmAfdStringCompareA(pszAlias, pszAliasOther, FALSE)) { bCertOnDisk = TRUE; } } *pbCertOnDisk = bCertOnDisk; cleanup: VMAFD_SAFE_FREE_MEMORY(pszPath); VMAFD_SAFE_FREE_MEMORY(pszAliasOther); return dwError; error: *pbCertOnDisk = FALSE; goto cleanup; }
static DWORD _VmAfdJsonResultPasswordCB( PVOID pUserData, PCSTR pszKey, PVM_JSON_RESULT_VALUE pValue ) { DWORD dwError = 0; PSTR *ppszPassword = NULL; PSTR pszPassword = NULL; if (!pUserData || !pszKey || !pValue) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } if (!VmAfdStringCompareA("password", pszKey, TRUE)) { if (pValue->nType == JSON_RESULT_STRING) { dwError = VmAfdAllocateStringA(pValue->value.pszValue, &pszPassword); BAIL_ON_VMAFD_ERROR(dwError); ppszPassword = (PSTR *)pUserData; *ppszPassword = pszPassword; } } cleanup: return dwError; error: VMAFD_SAFE_FREE_MEMORY(pszPassword); goto cleanup; }
DWORD VmAfdParseArgs( int argc, char* argv[], PSTR* ppszTargetHost, PSTR* ppszSourceUserName, PSTR* ppszTargetUserName, PSTR* ppszSourcePassword, PSTR* ppszTargetPassword ) { DWORD dwError = ERROR_SUCCESS; PSTR pszTargetHost = NULL; PSTR pszSourceUserName = NULL; PSTR pszTargetUserName = NULL; PSTR pszSourcePassword = NULL; PSTR pszTargetPassword = NULL; #ifndef _WIN32 int opt=0; #else int i=1; PSTR optarg = NULL; #endif if (ppszTargetHost == NULL || ppszSourceUserName ==NULL || ppszTargetUserName == NULL || ppszSourcePassword == NULL || ppszTargetPassword ==NULL ) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } #ifndef _WIN32 while ( (opt = getopt( argc, argv, VMAFD_OPTIONS_VALID)) != EOF ) { switch ( opt ) { case VMAFD_OPTION_TARGET_HOST: pszTargetHost = optarg; break; case VMAFD_OPTION_SOURCE_USERNAME: pszSourceUserName = optarg; break; case VMAFD_OPTION_TARGET_USERNAME: pszTargetUserName = optarg; break; case VMAFD_OPTION_SOURCE_PASSWORD: pszSourcePassword = optarg; break; case VMAFD_OPTION_TARGET_PASSWORD: pszTargetPassword = optarg; break; default: dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); break; } } #else while (i < argc) { if (VmAfdIsCmdLineOption(argv[i]) != FALSE) { if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_HOST, argv[i], TRUE) == 0) { VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetHost); } else if (VmAfdStringCompareA(VMAFD_OPTION_SOURCE_USERNAME, argv[i], TRUE) == 0) { VmAfdGetCmdLineOption(argc, argv, &i, &pszSourceUserName); } else if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_USERNAME, argv[i], TRUE) == 0) { VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetUserName); } else if (VmAfdStringCompareA(VMAFD_OPTION_SOURCE_PASSWORD, argv[i], TRUE) == 0) { VmAfdGetCmdLineOption(argc, argv, &i, &pszSourcePassword); } else if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_PASSWORD, argv[i], TRUE) == 0) { VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetPassword); } } i++; } #endif if (pszTargetHost == NULL || pszSourceUserName ==NULL || pszTargetUserName == NULL || pszSourcePassword == NULL || pszTargetPassword ==NULL) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } *ppszTargetHost = pszTargetHost; *ppszSourceUserName = pszSourceUserName; *ppszTargetUserName = pszTargetUserName; *ppszSourcePassword = pszSourcePassword; *ppszTargetPassword = pszTargetPassword; cleanup: return dwError; error: goto cleanup; }
static DWORD VmAfSrvCheckDC( PDNS_SERVER_INFO pServerInfo, PCSTR pszDomain, PCSTR pszUPN, PCSTR pszPassword, PSTR* ppszHostname, PSTR* ppszNetworkAddress ) { DWORD dwError = 0; PSTR pszHostname = NULL; PSTR pszNetworkAddress = NULL; PSTR pszDomainOther = NULL; LDAP* pLd = NULL; dwError = VmAfdLDAPConnect( pServerInfo->pszAddress, 0, pszUPN, pszPassword, &pLd); BAIL_ON_VMAFD_ERROR(dwError); dwError = VmAfdGetDefaultDomainName(pLd, &pszDomainOther); BAIL_ON_VMAFD_ERROR(dwError); if (VmAfdStringCompareA(pszDomain, pszDomainOther, FALSE) != 0) { dwError = ERROR_DC_NOT_FOUND; BAIL_ON_VMAFD_ERROR(dwError); } dwError = VmAfdAllocateStringA(pServerInfo->pszName, &pszHostname); BAIL_ON_VMAFD_ERROR(dwError); dwError = VmAfdAllocateStringA(pServerInfo->pszAddress, &pszNetworkAddress); BAIL_ON_VMAFD_ERROR(dwError); *ppszHostname = pszHostname; *ppszNetworkAddress = pszNetworkAddress; cleanup: if (pLd) { VmAfdLdapClose(pLd); } VMAFD_SAFE_FREE_MEMORY(pszDomainOther); return dwError; error: *ppszNetworkAddress = NULL; *ppszHostname = NULL; VMAFD_SAFE_FREE_MEMORY(pszHostname); VMAFD_SAFE_FREE_MEMORY(pszNetworkAddress); goto cleanup; }
/* * If pszServerName is in IP format, use it as Lotus Server Name. * If pszServerName is NOT "localhost" which means caller specify a name they prefer, use it as the Lotus Server Name. * * Otherwise, derive FQDN based on existing network naming configuration. * i.e. Call gethostname then perform forward+reverse lookup to derive the FQDN as Lotus Server Name. * The forward+reverse look up is for kerberos naming consistency between server (Lotus) and clients, which * could be Lotus or open sources, e.g. openldap. * However, this auto name resolution is error-prone as system could have multiple IF(s) defined and * we have no idea which IF we should pick to perform reverse lookup. * Thus, the best chance to get Kerberos working is - customer provides proper FQDN as Lotus Server Name. */ static DWORD VmAfSrvGetLotusServerName( PCSTR pszServerName, PSTR* ppOutServerName ) { DWORD dwError = 0; PSTR pszHostnameCanon = NULL; PSTR pszLocalHostName = NULL; PSTR pszFQDN = NULL; if ( !pszServerName || !ppOutServerName ) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } if ( VmAfdStringCompareA( pszServerName, "localhost", FALSE ) != 0 ) { // caller provides preferred Lotus Server Name or IP dwError = VmAfdAllocateStringA( pszServerName, &pszHostnameCanon ); BAIL_ON_VMAFD_ERROR(dwError); } else { // caller does NOT specify preferred Lotus Server Name, derives it ourselves. dwError = VmAfdGetHostName(&pszLocalHostName); BAIL_ON_VMAFD_ERROR(dwError); dwError = VmAfdGetCanonicalHostName(pszLocalHostName, &pszHostnameCanon); BAIL_ON_VMAFD_ERROR(dwError); } BAIL_ON_VMAFD_EMPTY_STRING(pszHostnameCanon, dwError); if (!VmAfdCheckIfIPV4AddressA(pszHostnameCanon) && !VmAfdCheckIfIPV6AddressA(pszHostnameCanon) && pszHostnameCanon[VmAfdStringLenA(pszHostnameCanon) - 1] != '.') { dwError = VmAfdAllocateStringPrintf( &pszFQDN, "%s.", pszHostnameCanon); BAIL_ON_VMAFD_ERROR(dwError); } else { pszFQDN = pszHostnameCanon; pszHostnameCanon = NULL; } *ppOutServerName = pszFQDN; VmAfdLog(VMAFD_DEBUG_ANY, "Lotus server name: (%s)", *ppOutServerName); cleanup: VMAFD_SAFE_FREE_MEMORY(pszHostnameCanon); return dwError; error: VMAFD_SAFE_FREE_MEMORY(pszFQDN); VmAfdLog(VMAFD_DEBUG_ANY, "%s failed (%s). Error(%u)", __FUNCTION__, pszServerName, dwError); goto cleanup; }
static DWORD ProcessLeave( int argc, char* argv[] ) { typedef enum { PARSE_MODE_OPEN = 0, PARSE_MODE_ACCOUNT, PARSE_MODE_PASSWORD } PARSE_MODE; DWORD dwError = 0; DWORD idx = 0; DWORD dwLeaveFlags = 0; PSTR pszLogin = NULL; PSTR pszPassword = NULL; PSTR pszPasswordNew = NULL; PARSE_MODE mode = PARSE_MODE_OPEN; for (; idx < argc; idx++) { PSTR pszArg = argv[idx]; switch (mode) { case PARSE_MODE_OPEN: if (!VmAfdStringCompareA(pszArg, "--username", TRUE)) { mode = PARSE_MODE_ACCOUNT; } else if (!VmAfdStringCompareA(pszArg, "--password", TRUE)) { mode = PARSE_MODE_PASSWORD; } else if (!VmAfdStringCompareA(pszArg, "--force", TRUE)) { dwLeaveFlags = dwLeaveFlags | VMAFD_DOMAIN_LEAVE_FLAGS_FORCE; mode = PARSE_MODE_OPEN; } else { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } break; case PARSE_MODE_ACCOUNT: pszLogin = pszArg; mode = PARSE_MODE_OPEN; break; case PARSE_MODE_PASSWORD: pszPassword = pszArg; mode = PARSE_MODE_OPEN; break; default: dwError = ERROR_INVALID_STATE; BAIL_ON_VMAFD_ERROR(dwError); break; } } if (pszLogin && !pszPassword) { dwError = ReadPassword(&pszPasswordNew); BAIL_ON_VMAFD_ERROR(dwError); pszPassword = pszPasswordNew; } dwError = VmAfdLeaveDomain( pszLogin, pszPassword, dwLeaveFlags ); BAIL_ON_VMAFD_ERROR(dwError); cleanup: VMAFD_SAFE_FREE_MEMORY(pszPasswordNew); return dwError; error: goto cleanup; }
static DWORD ProcessJoin( int argc, char* argv[] ) { typedef enum { PARSE_MODE_OPEN = 0, PARSE_MODE_ACCOUNT, PARSE_MODE_PASSWORD, PARSE_MODE_ORGUNIT, PARSE_MODE_SITENAME } PARSE_MODE; DWORD dwError = 0; DWORD idx = 0; PSTR pszLogin = NULL; PSTR pszPassword = NULL; PSTR pszPasswordNew = NULL; PSTR pszDomain = NULL; PSTR pszOrgUnit = NULL; PSTR pszSiteName = NULL; PARSE_MODE mode = PARSE_MODE_OPEN; if (!argc) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } for (; idx < argc; idx++) { PSTR pszArg = argv[idx]; switch (mode) { case PARSE_MODE_OPEN: if (!VmAfdStringCompareA(pszArg, "--username", TRUE)) { mode = PARSE_MODE_ACCOUNT; } else if (!VmAfdStringCompareA(pszArg, "--password", TRUE)) { mode = PARSE_MODE_PASSWORD; } else if (!VmAfdStringCompareA(pszArg, "--orgunit", TRUE)) { mode = PARSE_MODE_ORGUNIT; } else if (!VmAfdStringCompareA(pszArg, "--site", TRUE)) { mode = PARSE_MODE_SITENAME; } else { if (pszDomain) { dwError = ERROR_INVALID_COMMAND_LINE; BAIL_ON_VMAFD_ERROR(dwError); } pszDomain = pszArg; } break; case PARSE_MODE_ACCOUNT: pszLogin = pszArg; mode = PARSE_MODE_OPEN; break; case PARSE_MODE_PASSWORD: pszPassword = pszArg; mode = PARSE_MODE_OPEN; break; case PARSE_MODE_ORGUNIT: pszOrgUnit = pszArg; mode = PARSE_MODE_OPEN; break; case PARSE_MODE_SITENAME: pszSiteName = pszArg; mode = PARSE_MODE_OPEN; break; default: dwError = ERROR_INVALID_STATE; BAIL_ON_VMAFD_ERROR(dwError); break; } } if (!pszPassword) { dwError = ReadPassword(&pszPasswordNew); BAIL_ON_VMAFD_ERROR(dwError); pszPassword = pszPasswordNew; } if (!pszDomain) { dwError = ERROR_NO_SUCH_DOMAIN; BAIL_ON_VMAFD_ERROR(dwError); } if (!pszLogin) { pszLogin = "******"; } else if (strchr(pszLogin, (int)'@') != NULL) { fprintf(stderr, "Error: Username may not include domain\n"); dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } dwError = VmAfdJoinDomainWithSite( pszDomain, pszLogin, pszPassword, pszOrgUnit, pszSiteName); BAIL_ON_VMAFD_ERROR(dwError); cleanup: VMAFD_SAFE_FREE_MEMORY(pszPasswordNew); return dwError; error: goto cleanup; }
static DWORD ProcessArgs( int argc, char* argv[] ) { DWORD dwError = 0; DWORD iArg = 0; DWORD dwArgsLeft = argc; PSTR pszArg = NULL; if (!argc || !argv) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } iArg++; // skip first argument dwArgsLeft--; if (!dwArgsLeft) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR(dwError); } pszArg = argv[iArg++]; dwArgsLeft--; if (!VmAfdStringCompareA(pszArg, "help", TRUE)) { ShowUsage(); } else if (!VmAfdStringCompareA(pszArg, "join", TRUE)) { dwError = ProcessJoin( dwArgsLeft, dwArgsLeft > 0 ? &argv[iArg] : NULL); } else if (!VmAfdStringCompareA(pszArg, "leave", TRUE)) { dwError = ProcessLeave( dwArgsLeft, dwArgsLeft > 0 ? &argv[iArg] : NULL); } else if (!VmAfdStringCompareA(pszArg, "info", TRUE)) { dwError = ProcessInfo( dwArgsLeft, dwArgsLeft > 0 ? &argv[iArg] : NULL); } else { dwError = ERROR_INVALID_PARAMETER; } BAIL_ON_VMAFD_ERROR(dwError); cleanup: return dwError; error: if (dwError == ERROR_INVALID_PARAMETER || dwError == ERROR_INVALID_COMMAND_LINE) { ShowUsage(); } goto cleanup; }