static
DWORD
_VmAfdCopyLogEntries(
PVMSUPERLOGGING pLogger,
UINT64 *puEnumerationHandle,
DWORD dwCount,
PVMAFD_SUPERLOG_ENTRY_ARRAY *ppEntries
)
{
DWORD dwError = 0;
PVMAFD_SUPERLOG_ENTRY_ARRAY pCollection = NULL;
LOG_SELECT_CONTEXT Context = { 0 };
dwError = VmAfdAllocateMemory(sizeof(VMAFD_SUPERLOG_ENTRY_ARRAY), (PVOID*)&pCollection);
BAIL_ON_VMAFD_ERROR(dwError);
pCollection->entries = NULL;
pCollection->dwCount = dwCount;
if (dwCount > 0)
{
//
// We allocate a buffer for the total size the client requested, even though
// there might not be that many eligible records. This is faster than walking
// the list twice (once to count how many we have, and again to copy them).
//
dwError = VmAfdAllocateMemory(sizeof(VMAFD_SUPERLOG_ENTRY) * dwCount, (PVOID*)&pCollection->entries);
pCollection->dwCount = dwCount;
BAIL_ON_VMAFD_ERROR(dwError);
Context.DestinationBuffer = pCollection->entries;
Context.StartTime = *puEnumerationHandle;
Context.dwDesiredCount = dwCount;
Context.dwCount = 0;
//
// We have to pass zero for count to walk every element, as we don't know which ones we want (based on puEnumerationHandle).
//
dwError = VmAfdCircularBufferSelectElements(pLogger->pCircularBuffer, 0, CopyLogEntryCallback, &Context);
BAIL_ON_VMAFD_ERROR(dwError);
Context.dwError = 0;
pCollection->dwCount = pLogger->pCircularBuffer->dwSize;
}
*ppEntries = pCollection;
cleanup:
return dwError;
error:
VmAfdFreeSuperLogEntryArray(pCollection);
goto cleanup;
}
DWORD
VmAfdCreateAnonymousConnectionContextImpl(
PVM_AFD_CONNECTION_CONTEXT *ppConnectionContext
)
{
DWORD dwError = 0;
PVM_AFD_CONNECTION_CONTEXT pConnectionContext = NULL;
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
if (ppConnectionContext == NULL)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof(VM_AFD_CONNECTION_CONTEXT),
(PVOID *) &pConnectionContext
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdAllocateMemory(
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *)&pSecurityContext);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityContext->uid = 0;
pConnectionContext->pConnection = NULL;
pConnectionContext->pSecurityContext = pSecurityContext;
pConnectionContext->bAnonymousContext = TRUE;
*ppConnectionContext = pConnectionContext;
cleanup:
return dwError;
error:
if (ppConnectionContext != NULL){
*ppConnectionContext = NULL;
}
if (pSecurityContext){
VmAfdFreeSecurityContext(pSecurityContext);
}
if (pConnectionContext){
VmAfdFreeMemory(pConnectionContext);
}
goto cleanup;
}
DWORD
VmAfSrvGetHeartbeatStatus(
PVMAFD_HB_STATUS_W* ppHeartbeatStatus
)
{
DWORD dwError = 0;
PVMAFD_HB_STATUS_W pHeartbeatStatus = NULL;
BOOL bIsHoldingLock = FALSE;
DWORD dwEntriesCount = 0;
if (!ppHeartbeatStatus)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(
sizeof(VMAFD_HB_STATUS_W),
(PVOID *)&pHeartbeatStatus
);
BAIL_ON_VMAFD_ERROR(dwError);
pHeartbeatStatus->bIsAlive = TRUE;
VMAFD_LOCK_MUTEX_SHARED(&rwlockHeartbeatTable, bIsHoldingLock);
dwError = VmAfdGetHeartbeatInfo(
&pHeartbeatStatus->pHeartbeatInfoArr,
&dwEntriesCount,
&pHeartbeatStatus->bIsAlive
);
BAIL_ON_VMAFD_ERROR(dwError);
VMAFD_LOCK_MUTEX_UNLOCK(&rwlockHeartbeatTable, bIsHoldingLock);
pHeartbeatStatus->dwCount = dwEntriesCount;
*ppHeartbeatStatus = pHeartbeatStatus;
cleanup:
return dwError;
error:
if (ppHeartbeatStatus)
{
*ppHeartbeatStatus = NULL;
}
if (pHeartbeatStatus)
{
VmAfdFreeHbStatusW(pHeartbeatStatus);
}
goto cleanup;
}
static
DWORD
_VmAfdInitEventLogPublisherThread(
PVMAFD_CIRCULAR_BUFFER pCircularBuffer
)
{
DWORD dwError = 0;
PVMSUPERLOG_THREAD_INFO pThrInfo = NULL;
dwError = VmAfdAllocateMemory(
sizeof(*pThrInfo),
(PVOID)&pThrInfo);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = _VmAfdSrvThrInit(pThrInfo, NULL, NULL, TRUE);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = _VmAfdCreateThread(&pThrInfo->tid, FALSE, _VmAfdEventLogPublisherThrFun, (PVOID)pCircularBuffer);
BAIL_ON_VMAFD_ERROR(dwError);
_VmAfdSrvThrAdd(pThrInfo);
cleanup:
return dwError;
error:
if (pThrInfo)
{
VMAFD_SAFE_FREE_MEMORY(pThrInfo);
}
goto cleanup;
}
DWORD
VmAfWinCfgOpenConnection(
PVMAF_CFG_CONNECTION* ppConnection
)
{
DWORD dwError = 0;
PVMAF_CFG_CONNECTION pConnection = NULL;
dwError = VmAfdAllocateMemory(sizeof(*pConnection), (PVOID*)&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
pConnection->refCount = 1;
*ppConnection = pConnection;
cleanup:
return dwError;
error:
*ppConnection = NULL;
if (pConnection)
{
VmAfWinCfgCloseConnection(pConnection);
}
goto cleanup;
}
DWORD
VmAfdCopySecurityDescriptor (
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptorSrc,
PVMAFD_SECURITY_DESCRIPTOR *ppSecurityDescriptorDest
)
{
DWORD dwError = 0;
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
if (!pSecurityDescriptorSrc ||
!ppSecurityDescriptorDest
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VMAFD_SECURITY_DESCRIPTOR),
(PVOID *)&pSecurityDescriptor
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdCopySecurityContext(
pSecurityDescriptorSrc->pOwnerSecurityContext,
&pSecurityDescriptor->pOwnerSecurityContext
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdCopyAcl(
pSecurityDescriptorSrc->pAcl,
&pSecurityDescriptor->pAcl
);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityDescriptor->dwRevision = pSecurityDescriptorSrc->dwRevision;
pSecurityDescriptor->changeStatus = pSecurityDescriptorSrc->changeStatus;
*ppSecurityDescriptorDest = pSecurityDescriptor;
cleanup:
return dwError;
error:
if (ppSecurityDescriptorDest)
{
*ppSecurityDescriptorDest = NULL;
}
if (pSecurityDescriptor)
{
VmAfdFreeSecurityDescriptor(pSecurityDescriptor);
}
goto cleanup;
}
DWORD
VmAfdOpenSSLInit(VOID)
{
DWORD dwError = 0;
DWORD dwIndex = 0;
pthread_mutex_t *pMutexes = NULL;
BOOL bInitMutexes = FALSE;
if (!gVmAfdSSLGlobals.pMutexes)
{
DWORD dwNumLocks = CRYPTO_num_locks();
gVmAfdSSLGlobals.dwNumMutexes = 0;
bInitMutexes = TRUE;
dwError = VmAfdAllocateMemory(
dwNumLocks*sizeof(pthread_mutex_t),
(PVOID*)&pMutexes
);
BAIL_ON_VMAFD_ERROR (dwError);
for (; dwIndex<dwNumLocks; ++dwIndex)
{
if (pthread_mutex_init(&(pMutexes[dwIndex]), NULL))
{
dwError = ERROR_NOT_ENOUGH_MEMORY;
BAIL_ON_VMAFD_ERROR (dwError);
}
}
gVmAfdSSLGlobals.pMutexes = pMutexes;
pMutexes = NULL;
gVmAfdSSLGlobals.dwNumMutexes = dwNumLocks;
CRYPTO_set_locking_callback (VmAfdOpenSSLLockingCallback);
}
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
cleanup:
return dwError;
error:
if (pMutexes)
{
VmAfdFreeMutexesArray(pMutexes, dwIndex);
}
if (bInitMutexes)
{
VmAfdCleanupSSLMutexes();
}
goto cleanup;
}
DWORD
DirCliGetX509Name(
X509_NAME *pCertName,
DWORD dwFlags,
PSTR* ppszSubjectDN
)
{
DWORD dwError = 0;
size_t len = 0;
BIO* pBioMem = NULL;
PSTR pszSubjectName = NULL;
pBioMem = BIO_new(BIO_s_mem());
if (!pBioMem)
{
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_VMAFD_ERROR(dwError);
}
X509_NAME_print_ex(pBioMem, pCertName, 0, dwFlags);
len = BIO_pending(pBioMem);
if (len <= 0)
{
dwError = ERROR_INVALID_DATA;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(len + 1, (PVOID*)&pszSubjectName);
BAIL_ON_VMAFD_ERROR(dwError);
if (BIO_read(pBioMem, pszSubjectName, len) != len)
{
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMAFD_ERROR(dwError);
}
*ppszSubjectDN = pszSubjectName;
cleanup:
if (pBioMem)
{
BIO_free(pBioMem);
}
return dwError;
error:
*ppszSubjectDN = NULL;
goto cleanup;
}
static
DWORD
VmAfdCopyQueryResultAttributeString(
LDAP* pLotus,
LDAPMessage* pCAResult,
PCSTR pszAttribute,
BOOL bOptional,
PSTR* ppszOut
)
{
DWORD dwError = 0;
struct berval** ppValues = NULL;
PSTR pszOut = NULL;
ppValues = ldap_get_values_len(
pLotus,
pCAResult,
pszAttribute);
if (ppValues && ppValues[0])
{
dwError = VmAfdAllocateMemory(
sizeof(CHAR) * ppValues[0]->bv_len + 1,
(PVOID)&pszOut);
BAIL_ON_VMAFD_ERROR(dwError);
memcpy(
(PVOID) pszOut,
(PVOID) ppValues[0]->bv_val,
(size_t) ppValues[0]->bv_len);
}
else if (!bOptional)
{
dwError = ERROR_INVALID_DATA;
BAIL_ON_VMAFD_ERROR(dwError);
}
*ppszOut = pszOut;
cleanup:
if (ppValues)
{
ldap_value_free_len(ppValues);
ppValues = NULL;
}
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pszOut);
if (ppszOut)
{
*ppszOut = NULL;
}
goto cleanup;
}
DWORD
VmAfdCreateWellKnownContextImpl (
VM_AFD_CONTEXT_TYPE contextType,
PVM_AFD_SECURITY_CONTEXT *ppSecurityContext
)
{
DWORD dwError = 0;
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
if (!ppSecurityContext)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *)&pSecurityContext
);
BAIL_ON_VMAFD_ERROR (dwError);
switch (contextType)
{
case VM_AFD_CONTEXT_TYPE_ROOT:
pSecurityContext->uid = 0;
break;
case VM_AFD_CONTEXT_TYPE_EVERYONE:
pSecurityContext->uid = EVERYONE_UID;
break;
default:
dwError = ERROR_INVALID_PARAMETER;
break;
}
BAIL_ON_VMAFD_ERROR (dwError);
*ppSecurityContext = pSecurityContext;
cleanup:
return dwError;
error:
if (ppSecurityContext)
{
*ppSecurityContext = NULL;
}
if (pSecurityContext)
{
VmAfdFreeSecurityContext (pSecurityContext);
}
goto cleanup;
}
DWORD
VmAfdOpenServerConnectionImpl(
PVM_AFD_CONNECTION *ppConnection
)
{
DWORD dwError = 0;
int socket_fd = -1, on = 1;
struct sockaddr_un address = {0};
PVM_AFD_CONNECTION pConnection = NULL;
socket_fd = socket(PF_UNIX,SOCK_STREAM, 0);
if (socket_fd < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
if( setsockopt( socket_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on) ) < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
unlink (SOCKET_FILE_PATH);
address.sun_family = AF_UNIX;
snprintf (address.sun_path, sizeof(SOCKET_FILE_PATH), SOCKET_FILE_PATH);
if (bind (socket_fd, (struct sockaddr *)&address, sizeof(struct sockaddr_un)) < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
if (listen (socket_fd, 5) < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(sizeof(VM_AFD_CONNECTION), (PVOID *)&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
pConnection->fd = socket_fd;
*ppConnection = pConnection;
cleanup:
return dwError;
error:
if (ppConnection != NULL){
*ppConnection = NULL;
}
if (socket_fd >=0 ){
close (socket_fd);
}
VMAFD_SAFE_FREE_MEMORY (pConnection);
goto cleanup;
}
DWORD
VecsDbCreateContext(
PVECS_DB_CONTEXT* ppDbContext
)
{
DWORD dwError = 0;
PVECS_DB_CONTEXT pDbContext = NULL;
VECS_DB_LOCK_MUTEX(&gVecsDbGlobals.mutex);
if (gVecsDbGlobals.pDbContextList)
{
pDbContext = gVecsDbGlobals.pDbContextList;
gVecsDbGlobals.pDbContextList = gVecsDbGlobals.pDbContextList->pNext;
pDbContext->pNext = NULL;
gVecsDbGlobals.dwNumCachedContexts--;
}
else
{
dwError = VmAfdAllocateMemory(sizeof(*pDbContext), (PVOID*)&pDbContext);
BAIL_ON_VECS_ERROR(dwError);
dwError = sqlite3_open(
gVecsDbGlobals.pszDbPath,
&pDbContext->pDb);
BAIL_ON_VECS_ERROR(dwError);
dwError = sqlite3_busy_timeout(
pDbContext->pDb,
5000);
BAIL_ON_VECS_ERROR(dwError);
}
*ppDbContext = pDbContext;
cleanup:
VECS_DB_UNLOCK_MUTEX(&gVecsDbGlobals.mutex);
return dwError;
error:
*ppDbContext = NULL;
if (pDbContext)
{
VecsDbFreeContext(pDbContext);
}
goto cleanup;
}
DWORD
VmAfdOpenClientConnectionImpl(
PVM_AFD_CONNECTION *ppConnection
)
{
DWORD dwError = 0;
int socket_fd = 0;
struct sockaddr_un address;
PVM_AFD_CONNECTION pConnection = NULL;
socket_fd = socket (PF_UNIX, SOCK_STREAM, 0);
if (socket_fd < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
memset (&address, 0, sizeof(struct sockaddr_un));
address.sun_family = AF_UNIX;
snprintf (address.sun_path, sizeof(SOCKET_FILE_PATH), SOCKET_FILE_PATH);
if (connect(socket_fd, (struct sockaddr *) &address, sizeof(struct sockaddr_un)) <0)
{
if (errno == ENOENT || errno == ECONNREFUSED)
{
dwError = ERROR_CANNOT_CONNECT_VMAFD;
}
else if (errno == EACCES)
{
dwError = ERROR_ACCESS_DENIED;
}
else
{
dwError = LwErrnoToWin32Error (errno);
}
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory (sizeof(VM_AFD_CONNECTION),(PVOID *)&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
pConnection->fd = socket_fd;
*ppConnection = pConnection;
cleanup:
return dwError;
error:
if (ppConnection != NULL){
*ppConnection = NULL;
}
if (socket_fd >= 0){
close (socket_fd);
}
VMAFD_SAFE_FREE_MEMORY(pConnection);
goto cleanup;
}
DWORD
VmAfdAllocateContextFromNameImpl (
PCWSTR pszAccountName,
PVM_AFD_SECURITY_CONTEXT *ppSecurityContext
)
{
DWORD dwError = 0;
struct passwd *pd = NULL;
PSTR psazAccountName = NULL;
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
dwError = VmAfdAllocateStringAFromW (
pszAccountName,
&psazAccountName
);
BAIL_ON_VMAFD_ERROR (dwError);
pd = getpwnam (psazAccountName);
if (pd == NULL)
{
dwError = ERROR_NONE_MAPPED;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *)&pSecurityContext
);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityContext->uid = pd->pw_uid;
*ppSecurityContext = pSecurityContext;
cleanup:
VMAFD_SAFE_FREE_MEMORY (psazAccountName);
return dwError;
error:
if (ppSecurityContext)
{
*ppSecurityContext = NULL;
}
if (pSecurityContext)
{
VmAfdFreeSecurityContext(pSecurityContext);
}
goto cleanup;
}
static
DWORD
VmAfdCopyAcl(
PVMAFD_ACL pAclSrc,
PVMAFD_ACL *ppAclDest
)
{
DWORD dwError = 0;
PVMAFD_ACL pAcl = NULL;
if (!pAclSrc ||
!ppAclDest
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VMAFD_ACL),
(PVOID *) &pAcl
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdCopyAceList (
pAclSrc->pAceList,
&pAcl->pAceList
);
BAIL_ON_VMAFD_ERROR (dwError);
pAcl->dwAceCount = pAclSrc->dwAceCount;
*ppAclDest = pAcl;
cleanup:
return dwError;
error:
if (ppAclDest)
{
*ppAclDest = NULL;
}
if (pAcl)
{
VmAfdFreeAcl(pAcl);
}
goto cleanup;
}
static
DWORD
VmAfdGetDbPath(
PSTR *ppszDbPath
)
{
DWORD dwError = 0;
PSTR pszDbBasePath = NULL;
PSTR pszDbPath = NULL;
DWORD dwPathLength = 0;
dwError = VecsSrvGetDBBasePath(
&pszDbBasePath
);
BAIL_ON_VMAFD_ERROR (dwError);
dwPathLength = VmAfdStringLenA(pszDbBasePath) +
VmAfdStringLenA(VMAFD_CERT_DB_FILE) + 1;
dwError = VmAfdAllocateMemory(
dwPathLength,
(PVOID *)&pszDbPath
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdStringPrintFA(
pszDbPath,
dwPathLength,
"%s%s",
pszDbBasePath,
VMAFD_CERT_DB_FILE
);
BAIL_ON_VMAFD_ERROR (dwError);
*ppszDbPath = pszDbPath;
cleanup:
VMAFD_SAFE_FREE_STRINGA (pszDbBasePath);
return dwError;
error:
if (ppszDbPath)
{
*ppszDbPath = NULL;
}
VMAFD_SAFE_FREE_STRINGA (pszDbPath);
goto cleanup;
}
DWORD
DirCliCreateCert(
PCSTR pszCertPath,
PDIR_CLI_CERT* ppCert
)
{
DWORD dwError = 0;
PSTR pszCert = NULL;
PDIR_CLI_CERT pCert = NULL;
dwError = VmAfdAllocateMemory(sizeof(DIR_CLI_CERT), (PVOID*)&pCert);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = DirCliGetCertContent(pszCertPath, &pszCert);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = DirCliPEMToX509(pszCert, &pCert->pX509Cert);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = DirCliGetCertSubjectName(
pCert->pX509Cert,
&pCert->pszSubjectName);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VecsComputeCertFingerPrint(
pCert->pX509Cert,
VECS_ENCRYPTION_ALGORITHM_SHA_1,
&pCert->pszFingerPrint);
BAIL_ON_VMAFD_ERROR(dwError);
*ppCert = pCert;
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszCert);
return dwError;
error:
*ppCert = NULL;
if (pCert)
{
DirCliFreeCert(pCert);
}
goto cleanup;
}
DWORD
VmAfWinCfgCreateKey(
PVMAF_CFG_CONNECTION pConnection,
PVMAF_CFG_KEY pKey,
PCSTR pszSubKey,
DWORD dwOptions,
DWORD dwAccess,
PVMAF_CFG_KEY* ppKey
)
{
DWORD dwError = 0;
PVMAF_CFG_KEY pKeyLocal = NULL;
dwError = VmAfdAllocateMemory(sizeof(*pKeyLocal), (PVOID*)&pKeyLocal);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = RegCreateKeyExA(
(pKey ? pKey->hKey : NULL),
pszSubKey,
0,
NULL,
dwOptions,
dwAccess,
NULL,
&pKeyLocal->hKey,
NULL);
BAIL_ON_VMAFD_ERROR(dwError);
pKeyLocal->pConnection = VmAfWinCfgAcquireConnection(pConnection);
*ppKey = pKeyLocal;
cleanup:
return dwError;
error:
*ppKey = NULL;
if (pKeyLocal)
{
VmAfWinCfgCloseKey(pKeyLocal);
}
goto cleanup;
}
DWORD
VmLinuxWaitOnEvent(
VMNETEVENT_FD FD,
PFN_VMNETEVENT_CALLBACK pCallback,
pthread_t* pEventThread
)
{
DWORD dwError = 0;
PVMNETEVENT_DATA pData = NULL;
pthread_t eventWorkerThread;
if (!pEventThread)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMNETEVENT_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(
sizeof(VMNETEVENT_DATA),
(PVOID*)&pData
);
BAIL_ON_VMNETEVENT_ERROR(dwError);
pData->eventFd = FD;
pData->pfnCallBack = pCallback;
dwError = pthread_create(
&eventWorkerThread,
NULL,
VmLinuxWaitOnEventWorker,
(PVOID)pData
);
if (dwError)
{
dwError = LwErrnoToWin32Error(dwError);
BAIL_ON_VMNETEVENT_ERROR(dwError);
}
*pEventThread = eventWorkerThread;
cleanup:
return dwError;
error:
goto cleanup;
}
DWORD
VmAfdSuperLoggingInit(
PVMSUPERLOGGING *ppLogger
)
{
PVMSUPERLOGGING pLogger = NULL;
DWORD dwError = 0;
DWORD dwCapacity = 0;
dwError = VmAfdAllocateMemory(sizeof(*pLogger), (PVOID)&pLogger);
BAIL_ON_VMAFD_ERROR(dwError);
_VmAfdSuperLoggingReadRegistry(
&dwCapacity,
&pLogger->bEnabled);
dwError = VmAfdCircularBufferCreate(
dwCapacity,
sizeof(VMAFD_SUPERLOG_ENTRY), &pLogger->pCircularBuffer);
BAIL_ON_VMAFD_ERROR(dwError);
// Note: Keep event log publisher disabled until we have a run-time on/off switch
if (0)
{
dwError = _VmAfdInitEventLogPublisherThread(pLogger->pCircularBuffer);
BAIL_ON_VMAFD_ERROR(dwError);
}
*ppLogger = pLogger;
VmAfdLog(VMAFD_DEBUG_ANY, "Super Logger object is created.");
cleanup:
return dwError;
error:
if (pLogger != NULL)
{
VmAfdCircularBufferFree(pLogger->pCircularBuffer);
VmAfdFreeMemory(pLogger);
pLogger = NULL;
}
goto cleanup;
}
DWORD
DirCliX509ToDER(
X509* pCert,
PBYTE* ppCertBytes,
PDWORD pdwLength
)
{
DWORD dwError = 0;
PBYTE pBytes_openssl = NULL;
PBYTE pCertBytes = NULL;
int len = 0;
len = i2d_X509(pCert, &pBytes_openssl);
if (len < 0)
{
dwError = ERROR_ENCRYPTION_FAILED;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(len, (PVOID)&pCertBytes);
BAIL_ON_VMAFD_ERROR(dwError);
memcpy(pCertBytes, pBytes_openssl, len);
*ppCertBytes = pCertBytes;
*pdwLength = len;
cleanup:
if (pBytes_openssl)
{
OPENSSL_free(pBytes_openssl);
}
return dwError;
error:
*ppCertBytes = NULL;
*pdwLength = 0;
goto cleanup;
}
DWORD
VecsSrvAllocateCertEnumContextHandle(
PVECS_SRV_STORE_HANDLE pStore,
DWORD dwMaxCount,
ENTRY_INFO_LEVEL infoLevel,
PVECS_SRV_ENUM_CONTEXT_HANDLE* ppContext
)
{
DWORD dwError = 0;
PVECS_SRV_ENUM_CONTEXT_HANDLE pContext = NULL;
dwError = VmAfdAllocateMemory(
sizeof(VECS_SRV_ENUM_CONTEXT_HANDLE),
(PVOID*)&pContext);
BAIL_ON_VMAFD_ERROR(dwError);
pContext->pStore = VmAfdAcquireStoreHandle(pStore);
if (!dwMaxCount || (dwMaxCount > 256))
{
pContext->dwLimit = 256;
}
else
{
pContext->dwLimit = dwMaxCount;
}
pContext->infoLevel = infoLevel;
*ppContext = pContext;
cleanup:
return dwError;
error:
if (ppContext)
{
*ppContext = NULL;
}
goto cleanup;
}
DWORD
VmAfdCopySecurityContextImpl (
PVM_AFD_SECURITY_CONTEXT pSecurityContextSrc,
PVM_AFD_SECURITY_CONTEXT *ppSecurityContextDst
)
{
DWORD dwError = 0;
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
if (!pSecurityContextSrc ||
!ppSecurityContextDst
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *) &pSecurityContext
);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityContext->uid = pSecurityContextSrc->uid;
*ppSecurityContextDst = pSecurityContext;
cleanup:
return dwError;
error:
if (ppSecurityContextDst)
{
*ppSecurityContextDst = NULL;
}
if (pSecurityContext)
{
VmAfdFreeSecurityContext (pSecurityContext);
}
goto cleanup;
}
DWORD
ReadFileContentsToString(std::string FileName, PSTR *ppszData)
{
DWORD dwError = 0;
FILE * fp = NULL;
size_t stDataSize = 0;
PSTR pszFileData = NULL;
DWORD dwReadSize =0;
fflush(NULL); // This prevents writes in Python code which lingers in Memory
#ifdef _WIN32
#define stat _stat
#endif
struct stat filedata = { 0 };
dwError = stat(FileName.c_str(), &filedata);
BAIL_ON_ERROR(dwError);
stDataSize = filedata.st_size;
dwError = VmAfdAllocateMemory(stDataSize + 1,(PVOID*) &pszFileData);
BAIL_ON_ERROR(dwError);
dwError = VmAfdOpenFilePath(FileName.c_str(), "r", &fp, 0);
BAIL_ON_ERROR(dwError);
dwReadSize = fread(pszFileData, 1, stDataSize, fp);
if (dwReadSize != stDataSize)
{
dwError = VECS_GENERIC_FILE_IO;
BAIL_ON_ERROR(dwError);
}
*ppszData = pszFileData;
cleanup:
if (fp != NULL)
{
fclose(fp);
}
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pszFileData);
goto cleanup;
}
DWORD
VmAfdDecodeSecurityContextImpl (
PBYTE pByteSecurityContext,
DWORD dwBuffSize,
PVM_AFD_SECURITY_CONTEXT *ppSecurityContext
)
{
DWORD dwError = 0;
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
if (dwBuffSize < sizeof (VM_AFD_SECURITY_CONTEXT))
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory (
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *)&pSecurityContext
);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityContext->uid = ((PVM_AFD_SECURITY_CONTEXT)
pByteSecurityContext)->uid;
*ppSecurityContext = pSecurityContext;
cleanup:
return dwError;
error:
if (ppSecurityContext)
{
*ppSecurityContext = NULL;
}
if (pSecurityContext)
{
VmAfdFreeSecurityContext (pSecurityContext);
}
goto cleanup;
}
DWORD
CdcInitThreadContext(
PCDC_THREAD_CONTEXT *ppThrContext
)
{
DWORD dwError = 0;
PCDC_THREAD_CONTEXT pThrContext = NULL;
if (!ppThrContext)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(
sizeof(CDC_THREAD_CONTEXT),
(PVOID*)&pThrContext
);
BAIL_ON_VMAFD_ERROR(dwError);
pThrContext->thr_mutex = (pthread_mutex_t)PTHREAD_MUTEX_INITIALIZER;
pThrContext->thr_cond = (pthread_cond_t)PTHREAD_COND_INITIALIZER;
*ppThrContext = pThrContext;
cleanup:
return dwError;
error:
if (ppThrContext)
{
*ppThrContext = NULL;
}
if (pThrContext)
{
CdcShutdownThread(pThrContext, NULL);
}
goto cleanup;
}
static
DWORD
_VmAfdSrvThrInit(
PVMSUPERLOG_THREAD_INFO pThrInfo,
pthread_mutex_t* pAltMutex,
PVMAFD_COND pAltCond,
BOOLEAN bJoinFlag
)
{
DWORD dwError = 0;
if (pAltMutex && pAltMutex != pThrInfo->mutex)
{
pThrInfo->mutexUsed = pAltMutex;
}
else
{
dwError = pthread_mutex_init(pThrInfo->mutex, NULL);
BAIL_ON_VMAFD_ERROR(dwError);
pThrInfo->mutexUsed = pThrInfo->mutex;
}
if (pAltCond && pAltCond != pThrInfo->condition)
{
pThrInfo->conditionUsed = pAltCond;
}
else
{
dwError = VmAfdAllocateMemory(sizeof(VMAFD_COND), ((PVOID*)&pAltCond));
BAIL_ON_VMAFD_ERROR(dwError);
pThrInfo->conditionUsed = pThrInfo->condition;
}
pThrInfo->bJoinThr = bJoinFlag;
cleanup:
return dwError;
error:
goto cleanup;
}
static
DWORD
VmAfdBuildTokenGroups(
gid_t *pGidList,
DWORD dwGidListLen,
PTOKEN_GROUPS *ppTokenGroups)
{
DWORD dwError = 0;
PTOKEN_GROUPS pTokenGroups = NULL;
unsigned int i = 0;
BAIL_ON_VMAFD_INVALID_POINTER(pGidList, dwError);
BAIL_ON_VMAFD_INVALID_POINTER(ppTokenGroups, dwError);
dwError = VmAfdAllocateMemory(
sizeof(TOKEN_GROUPS) + (sizeof(SID_AND_ATTRIBUTES) * dwGidListLen),
(PVOID*)&pTokenGroups);
BAIL_ON_VMAFD_ERROR(dwError);
for (i = 0; i < dwGidListLen; i++)
{
dwError = VmAfdAllocateSidFromGid(
pGidList[i],
&pTokenGroups->Groups[i].Sid);
BAIL_ON_VMAFD_ERROR(dwError);
pTokenGroups->Groups[i].Attributes = SE_GROUP_ENABLED;
}
pTokenGroups->GroupCount = dwGidListLen;
*ppTokenGroups = pTokenGroups;
cleanup:
return dwError;
error:
VmAfdFreeTokenGroups(pTokenGroups);
goto cleanup;
}
DWORD
VmAfdAcceptConnectionImpl(
PVM_AFD_CONNECTION pConnection,
PVM_AFD_CONNECTION *ppConnection
)
{
DWORD dwError = 0;
PVM_AFD_CONNECTION pTempConnection = NULL;
int connection_fd = 0;
struct sockaddr_un address = {0};
socklen_t address_length = 0;
connection_fd = accept(pConnection->fd,(struct sockaddr *)&address, &address_length);
if (connection_fd < 0){
dwError = LwErrnoToWin32Error(errno);
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(sizeof(VM_AFD_CONNECTION),(PVOID *)&pTempConnection);
BAIL_ON_VMAFD_ERROR(dwError);
pTempConnection->fd = connection_fd;
*ppConnection = pTempConnection;
cleanup:
return dwError;
error:
if (pTempConnection){
VMAFD_SAFE_FREE_MEMORY(pTempConnection);
}
if (ppConnection){
*ppConnection = NULL;
}
if (connection_fd >= 0){
close (connection_fd);
}
goto cleanup;
}
DWORD
VmAfdInitializeSecurityContextImpl(
PVM_AFD_CONNECTION pConnection,
PVM_AFD_SECURITY_CONTEXT *ppSecurityContext
)
{
DWORD dwError = 0;
struct ucred credentials = {0};
int credLength = sizeof (struct ucred);
PVM_AFD_SECURITY_CONTEXT pSecurityContext = NULL;
if ((getsockopt (
pConnection->fd,
SOL_SOCKET,
SO_PEERCRED,
&credentials,
&credLength)) < 0){
dwError = LwErrnoToWin32Error (errno);
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdAllocateMemory(
sizeof (VM_AFD_SECURITY_CONTEXT),
(PVOID *)&pSecurityContext);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityContext->uid = credentials.uid;
*ppSecurityContext = pSecurityContext;
cleanup:
return dwError;
error:
if (ppSecurityContext != NULL){
*ppSecurityContext = NULL;
}
if (pSecurityContext){
VmAfdFreeSecurityContext(pSecurityContext);
}
goto cleanup;
}
