DWORD
VmAfdParseArgs(
int argc,
char* argv[],
int* pLoggingLevel,
PBOOLEAN pbEnableSysLog,
PBOOLEAN pbEnableConsole
)
{
DWORD dwError = ERROR_SUCCESS;
int i = 1; // first arg is the <name of exe>.exe
while( i < argc )
{
if( VmAfdIsCmdLineOption( argv[i] ) != FALSE )
{
if ( VmAfdStringCompareA(
VMAFD_OPTION_LOGGING_LEVEL, argv[i], TRUE ) == 0 )
{
dwError = VmAfdGetCmdLineIntOption(
argc, argv, &i, pLoggingLevel
);
BAIL_ON_VMAFD_ERROR(dwError);
}
else if ( VmAfdStringCompareA(
VMAFD_OPTION_ENABLE_SYSLOG, argv[i], TRUE ) == 0 )
{
if ( pbEnableSysLog != NULL )
{
*pbEnableSysLog = TRUE;
}
}
#ifdef _DEBUG
else if ( VmAfdStringCompareA(
VMAFD_OPTION_ENABLE_CONSOLE, argv[i], TRUE ) == 0 ||
VmAfdStringCompareA(
VMAFD_OPTION_ENABLE_CONSOLE_LONG, argv[i], TRUE ) == 0 )
{
if ( pbEnableConsole != NULL )
{
*pbEnableConsole = TRUE;
}
}
#endif
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
}
i++;
} // while
error:
return dwError;
}
static
DWORD
VmAfdCheckCertOnDisk(
PCSTR pszAlias,
PCSTR pszCAPath,
PCSTR pszFilename,
LONG maxIndex,
PBOOLEAN pbCertOnDisk
)
{
DWORD dwError = 0;
LONG index = 0;
BOOLEAN bCertOnDisk = FALSE;
PSTR pszPath = NULL;
PSTR pszAliasOther = NULL;
// Note : maxIndex starts from 0
for (; !bCertOnDisk && (index <= maxIndex); index++)
{
VMAFD_SAFE_FREE_MEMORY(pszPath);
dwError = VmAfdAllocateStringPrintf(
&pszPath,
"%s%s%s.%ld",
pszCAPath,
VMAFD_PATH_SEPARATOR_STR,
pszFilename,
index);
BAIL_ON_VMAFD_ERROR(dwError);
VMAFD_SAFE_FREE_MEMORY(pszAliasOther);
dwError = VecsComputeCertAliasFile(pszPath, &pszAliasOther);
BAIL_ON_VMAFD_ERROR(dwError);
if (!VmAfdStringCompareA(pszAlias, pszAliasOther, FALSE))
{
bCertOnDisk = TRUE;
}
}
*pbCertOnDisk = bCertOnDisk;
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszPath);
VMAFD_SAFE_FREE_MEMORY(pszAliasOther);
return dwError;
error:
*pbCertOnDisk = FALSE;
goto cleanup;
}
static
DWORD
_VmAfdJsonResultPasswordCB(
PVOID pUserData,
PCSTR pszKey,
PVM_JSON_RESULT_VALUE pValue
)
{
DWORD dwError = 0;
PSTR *ppszPassword = NULL;
PSTR pszPassword = NULL;
if (!pUserData || !pszKey || !pValue)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
if (!VmAfdStringCompareA("password", pszKey, TRUE))
{
if (pValue->nType == JSON_RESULT_STRING)
{
dwError = VmAfdAllocateStringA(pValue->value.pszValue, &pszPassword);
BAIL_ON_VMAFD_ERROR(dwError);
ppszPassword = (PSTR *)pUserData;
*ppszPassword = pszPassword;
}
}
cleanup:
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pszPassword);
goto cleanup;
}
DWORD
VmAfdParseArgs(
int argc,
char* argv[],
PSTR* ppszTargetHost,
PSTR* ppszSourceUserName,
PSTR* ppszTargetUserName,
PSTR* ppszSourcePassword,
PSTR* ppszTargetPassword
)
{
DWORD dwError = ERROR_SUCCESS;
PSTR pszTargetHost = NULL;
PSTR pszSourceUserName = NULL;
PSTR pszTargetUserName = NULL;
PSTR pszSourcePassword = NULL;
PSTR pszTargetPassword = NULL;
#ifndef _WIN32
int opt=0;
#else
int i=1;
PSTR optarg = NULL;
#endif
if (ppszTargetHost == NULL || ppszSourceUserName ==NULL || ppszTargetUserName == NULL ||
ppszSourcePassword == NULL || ppszTargetPassword ==NULL )
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
#ifndef _WIN32
while ( (opt = getopt( argc, argv, VMAFD_OPTIONS_VALID)) != EOF )
{
switch ( opt )
{
case VMAFD_OPTION_TARGET_HOST:
pszTargetHost = optarg;
break;
case VMAFD_OPTION_SOURCE_USERNAME:
pszSourceUserName = optarg;
break;
case VMAFD_OPTION_TARGET_USERNAME:
pszTargetUserName = optarg;
break;
case VMAFD_OPTION_SOURCE_PASSWORD:
pszSourcePassword = optarg;
break;
case VMAFD_OPTION_TARGET_PASSWORD:
pszTargetPassword = optarg;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
}
#else
while (i < argc)
{
if (VmAfdIsCmdLineOption(argv[i]) != FALSE)
{
if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_HOST, argv[i], TRUE) == 0)
{
VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetHost);
}
else if (VmAfdStringCompareA(VMAFD_OPTION_SOURCE_USERNAME, argv[i], TRUE) == 0)
{
VmAfdGetCmdLineOption(argc, argv, &i, &pszSourceUserName);
}
else if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_USERNAME, argv[i], TRUE) == 0)
{
VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetUserName);
}
else if (VmAfdStringCompareA(VMAFD_OPTION_SOURCE_PASSWORD, argv[i], TRUE) == 0)
{
VmAfdGetCmdLineOption(argc, argv, &i, &pszSourcePassword);
}
else if (VmAfdStringCompareA(VMAFD_OPTION_TARGET_PASSWORD, argv[i], TRUE) == 0)
{
VmAfdGetCmdLineOption(argc, argv, &i, &pszTargetPassword);
}
}
i++;
}
#endif
if (pszTargetHost == NULL || pszSourceUserName ==NULL || pszTargetUserName == NULL ||
pszSourcePassword == NULL || pszTargetPassword ==NULL)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
*ppszTargetHost = pszTargetHost;
*ppszSourceUserName = pszSourceUserName;
*ppszTargetUserName = pszTargetUserName;
*ppszSourcePassword = pszSourcePassword;
*ppszTargetPassword = pszTargetPassword;
cleanup:
return dwError;
error:
goto cleanup;
}
static
DWORD
VmAfSrvCheckDC(
PDNS_SERVER_INFO pServerInfo,
PCSTR pszDomain,
PCSTR pszUPN,
PCSTR pszPassword,
PSTR* ppszHostname,
PSTR* ppszNetworkAddress
)
{
DWORD dwError = 0;
PSTR pszHostname = NULL;
PSTR pszNetworkAddress = NULL;
PSTR pszDomainOther = NULL;
LDAP* pLd = NULL;
dwError = VmAfdLDAPConnect(
pServerInfo->pszAddress,
0,
pszUPN,
pszPassword,
&pLd);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdGetDefaultDomainName(pLd, &pszDomainOther);
BAIL_ON_VMAFD_ERROR(dwError);
if (VmAfdStringCompareA(pszDomain, pszDomainOther, FALSE) != 0)
{
dwError = ERROR_DC_NOT_FOUND;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateStringA(pServerInfo->pszName, &pszHostname);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdAllocateStringA(pServerInfo->pszAddress, &pszNetworkAddress);
BAIL_ON_VMAFD_ERROR(dwError);
*ppszHostname = pszHostname;
*ppszNetworkAddress = pszNetworkAddress;
cleanup:
if (pLd)
{
VmAfdLdapClose(pLd);
}
VMAFD_SAFE_FREE_MEMORY(pszDomainOther);
return dwError;
error:
*ppszNetworkAddress = NULL;
*ppszHostname = NULL;
VMAFD_SAFE_FREE_MEMORY(pszHostname);
VMAFD_SAFE_FREE_MEMORY(pszNetworkAddress);
goto cleanup;
}
/*
* If pszServerName is in IP format, use it as Lotus Server Name.
* If pszServerName is NOT "localhost" which means caller specify a name they prefer, use it as the Lotus Server Name.
*
* Otherwise, derive FQDN based on existing network naming configuration.
* i.e. Call gethostname then perform forward+reverse lookup to derive the FQDN as Lotus Server Name.
* The forward+reverse look up is for kerberos naming consistency between server (Lotus) and clients, which
* could be Lotus or open sources, e.g. openldap.
* However, this auto name resolution is error-prone as system could have multiple IF(s) defined and
* we have no idea which IF we should pick to perform reverse lookup.
* Thus, the best chance to get Kerberos working is - customer provides proper FQDN as Lotus Server Name.
*/
static
DWORD
VmAfSrvGetLotusServerName(
PCSTR pszServerName,
PSTR* ppOutServerName
)
{
DWORD dwError = 0;
PSTR pszHostnameCanon = NULL;
PSTR pszLocalHostName = NULL;
PSTR pszFQDN = NULL;
if ( !pszServerName || !ppOutServerName )
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
if ( VmAfdStringCompareA( pszServerName, "localhost", FALSE ) != 0 )
{ // caller provides preferred Lotus Server Name or IP
dwError = VmAfdAllocateStringA( pszServerName, &pszHostnameCanon );
BAIL_ON_VMAFD_ERROR(dwError);
}
else
{ // caller does NOT specify preferred Lotus Server Name, derives it ourselves.
dwError = VmAfdGetHostName(&pszLocalHostName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdGetCanonicalHostName(pszLocalHostName, &pszHostnameCanon);
BAIL_ON_VMAFD_ERROR(dwError);
}
BAIL_ON_VMAFD_EMPTY_STRING(pszHostnameCanon, dwError);
if (!VmAfdCheckIfIPV4AddressA(pszHostnameCanon) &&
!VmAfdCheckIfIPV6AddressA(pszHostnameCanon) &&
pszHostnameCanon[VmAfdStringLenA(pszHostnameCanon) - 1] != '.')
{
dwError = VmAfdAllocateStringPrintf(
&pszFQDN,
"%s.",
pszHostnameCanon);
BAIL_ON_VMAFD_ERROR(dwError);
}
else
{
pszFQDN = pszHostnameCanon;
pszHostnameCanon = NULL;
}
*ppOutServerName = pszFQDN;
VmAfdLog(VMAFD_DEBUG_ANY, "Lotus server name: (%s)", *ppOutServerName);
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszHostnameCanon);
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pszFQDN);
VmAfdLog(VMAFD_DEBUG_ANY, "%s failed (%s). Error(%u)",
__FUNCTION__, pszServerName, dwError);
goto cleanup;
}
static
DWORD
ProcessLeave(
int argc,
char* argv[]
)
{
typedef enum
{
PARSE_MODE_OPEN = 0,
PARSE_MODE_ACCOUNT,
PARSE_MODE_PASSWORD
} PARSE_MODE;
DWORD dwError = 0;
DWORD idx = 0;
DWORD dwLeaveFlags = 0;
PSTR pszLogin = NULL;
PSTR pszPassword = NULL;
PSTR pszPasswordNew = NULL;
PARSE_MODE mode = PARSE_MODE_OPEN;
for (; idx < argc; idx++)
{
PSTR pszArg = argv[idx];
switch (mode)
{
case PARSE_MODE_OPEN:
if (!VmAfdStringCompareA(pszArg, "--username", TRUE))
{
mode = PARSE_MODE_ACCOUNT;
}
else if (!VmAfdStringCompareA(pszArg, "--password", TRUE))
{
mode = PARSE_MODE_PASSWORD;
}
else if (!VmAfdStringCompareA(pszArg, "--force", TRUE))
{
dwLeaveFlags = dwLeaveFlags | VMAFD_DOMAIN_LEAVE_FLAGS_FORCE;
mode = PARSE_MODE_OPEN;
}
else
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
break;
case PARSE_MODE_ACCOUNT:
pszLogin = pszArg;
mode = PARSE_MODE_OPEN;
break;
case PARSE_MODE_PASSWORD:
pszPassword = pszArg;
mode = PARSE_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
}
if (pszLogin && !pszPassword)
{
dwError = ReadPassword(&pszPasswordNew);
BAIL_ON_VMAFD_ERROR(dwError);
pszPassword = pszPasswordNew;
}
dwError = VmAfdLeaveDomain( pszLogin, pszPassword, dwLeaveFlags );
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszPasswordNew);
return dwError;
error:
goto cleanup;
}
static
DWORD
ProcessJoin(
int argc,
char* argv[]
)
{
typedef enum
{
PARSE_MODE_OPEN = 0,
PARSE_MODE_ACCOUNT,
PARSE_MODE_PASSWORD,
PARSE_MODE_ORGUNIT,
PARSE_MODE_SITENAME
} PARSE_MODE;
DWORD dwError = 0;
DWORD idx = 0;
PSTR pszLogin = NULL;
PSTR pszPassword = NULL;
PSTR pszPasswordNew = NULL;
PSTR pszDomain = NULL;
PSTR pszOrgUnit = NULL;
PSTR pszSiteName = NULL;
PARSE_MODE mode = PARSE_MODE_OPEN;
if (!argc)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
for (; idx < argc; idx++)
{
PSTR pszArg = argv[idx];
switch (mode)
{
case PARSE_MODE_OPEN:
if (!VmAfdStringCompareA(pszArg, "--username", TRUE))
{
mode = PARSE_MODE_ACCOUNT;
}
else if (!VmAfdStringCompareA(pszArg, "--password", TRUE))
{
mode = PARSE_MODE_PASSWORD;
}
else if (!VmAfdStringCompareA(pszArg, "--orgunit", TRUE))
{
mode = PARSE_MODE_ORGUNIT;
}
else if (!VmAfdStringCompareA(pszArg, "--site", TRUE))
{
mode = PARSE_MODE_SITENAME;
}
else
{
if (pszDomain)
{
dwError = ERROR_INVALID_COMMAND_LINE;
BAIL_ON_VMAFD_ERROR(dwError);
}
pszDomain = pszArg;
}
break;
case PARSE_MODE_ACCOUNT:
pszLogin = pszArg;
mode = PARSE_MODE_OPEN;
break;
case PARSE_MODE_PASSWORD:
pszPassword = pszArg;
mode = PARSE_MODE_OPEN;
break;
case PARSE_MODE_ORGUNIT:
pszOrgUnit = pszArg;
mode = PARSE_MODE_OPEN;
break;
case PARSE_MODE_SITENAME:
pszSiteName = pszArg;
mode = PARSE_MODE_OPEN;
break;
default:
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMAFD_ERROR(dwError);
break;
}
}
if (!pszPassword)
{
dwError = ReadPassword(&pszPasswordNew);
BAIL_ON_VMAFD_ERROR(dwError);
pszPassword = pszPasswordNew;
}
if (!pszDomain)
{
dwError = ERROR_NO_SUCH_DOMAIN;
BAIL_ON_VMAFD_ERROR(dwError);
}
if (!pszLogin)
{
pszLogin = "******";
}
else if (strchr(pszLogin, (int)'@') != NULL)
{
fprintf(stderr, "Error: Username may not include domain\n");
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdJoinDomainWithSite(
pszDomain,
pszLogin,
pszPassword,
pszOrgUnit,
pszSiteName);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszPasswordNew);
return dwError;
error:
goto cleanup;
}
static
DWORD
ProcessArgs(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
DWORD iArg = 0;
DWORD dwArgsLeft = argc;
PSTR pszArg = NULL;
if (!argc || !argv)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
iArg++; // skip first argument
dwArgsLeft--;
if (!dwArgsLeft)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
pszArg = argv[iArg++];
dwArgsLeft--;
if (!VmAfdStringCompareA(pszArg, "help", TRUE))
{
ShowUsage();
}
else if (!VmAfdStringCompareA(pszArg, "join", TRUE))
{
dwError = ProcessJoin(
dwArgsLeft,
dwArgsLeft > 0 ? &argv[iArg] : NULL);
}
else if (!VmAfdStringCompareA(pszArg, "leave", TRUE))
{
dwError = ProcessLeave(
dwArgsLeft,
dwArgsLeft > 0 ? &argv[iArg] : NULL);
}
else if (!VmAfdStringCompareA(pszArg, "info", TRUE))
{
dwError = ProcessInfo(
dwArgsLeft,
dwArgsLeft > 0 ? &argv[iArg] : NULL);
}
else
{
dwError = ERROR_INVALID_PARAMETER;
}
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
return dwError;
error:
if (dwError == ERROR_INVALID_PARAMETER ||
dwError == ERROR_INVALID_COMMAND_LINE)
{
ShowUsage();
}
goto cleanup;
}
