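/*
 * Writes the NUL-terminated string pszContent to the file
 * "<pszDirPath>/<pszFilename>", creating or truncating it.
 *
 * Returns 0 on success and ERROR_INVALID_PARAMETER when any argument is
 * NULL or empty. Otherwise it returns the error from the path allocation,
 * or the errno of the failing stdio call mapped through LwErrnoToWin32Error.
 *
 * NOTE(review): fopen(..., "w") creates the file with the process default
 * mode (subject to umask). This routine is also used to store the directory
 * service private key, so confirm that the umask or the permissions of the
 * target directory keep that file unreadable to other local users.
 */
DWORD
VmwDeployWriteToFile(
    PCSTR pszContent,
    PCSTR pszDirPath,
    PCSTR pszFilename
    )
{
    DWORD  dwError = 0;
    PSTR   pszPath = NULL;
    FILE*  fp = NULL;
    size_t nWritten = 0;
    size_t nToWrite = 0;

    if (IsNullOrEmptyString(pszContent) ||
        IsNullOrEmptyString(pszDirPath) ||
        IsNullOrEmptyString(pszFilename))
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    dwError = VmwDeployAllocateStringPrintf(
                    &pszPath,
                    "%s/%s",
                    pszDirPath,
                    pszFilename);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if ((fp = fopen(pszPath, "w")) == NULL)
    {
        dwError = LwErrnoToWin32Error(errno);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    nToWrite = strlen(pszContent);

    nWritten = fwrite(pszContent, 1, nToWrite, fp);
    if (nWritten != nToWrite)
    {
        dwError = LwErrnoToWin32Error(errno);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

cleanup:

    if (fp)
    {
        /*
         * fclose flushes the buffered data, so a failure here means the
         * content may not have reached the file. Report it unless an
         * earlier error is already being returned.
         */
        if (fclose(fp) != 0 && dwError == 0)
        {
            dwError = LwErrnoToWin32Error(errno);
        }
    }
    if (pszPath)
    {
        VmwDeployFreeMemory(pszPath);
    }

    return dwError;

error:

    goto cleanup;
}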
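/*
 * Builds a VMW_IC_SETUP_PARAMS structure from the supplied option values.
 *
 *  - pszPartner empty  -> standalone mode; otherwise partner mode with the
 *                         partner copied into pszServer.
 *  - pszDomain empty   -> VMW_DEFAULT_DOMAIN_NAME.
 *  - pszUsername NULL  -> VMW_ADMIN_NAME.
 *  - pszPassword empty -> obtained through VmwDeployReadPassword.
 *  - The local hostname is qualified with the domain when it has no '.'.
 *  - The remaining values are copied only when they were supplied.
 *
 * On success *ppSetupParams receives the new structure. On failure it is
 * set to NULL and the partially built structure is released with
 * VmwDeployFreeSetupParams. Returns 0 or the first failing call's error.
 *
 * NOTE(review): fields that are not assigned here are left as returned by
 * VmwDeployAllocateMemory; this presumably zero-fills - TODO confirm.
 */
static
DWORD
VmwDeployBuildParams(
    PCSTR pszDomain,
    PCSTR pszUsername,
    PCSTR pszPassword,
    PCSTR pszPartner,
    PCSTR pszSite,
    PCSTR pszSubjectAltName,
    PCSTR pszParentDomain,
    PCSTR pszParentDC,
    PCSTR pszParentUserName,
    PCSTR pszParentPassword,
    PVMW_IC_SETUP_PARAMS* ppSetupParams
    )
{
    DWORD dwError = 0;
    PVMW_IC_SETUP_PARAMS pSetupParams = NULL;
    PSTR  pszPassword1 = NULL;
    PSTR  pszHostname = NULL;

    dwError = VmwDeployAllocateMemory(
                    sizeof(*pSetupParams),
                    (VOID*)&pSetupParams);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (IsNullOrEmptyString(pszPartner))
    {
        pSetupParams->dir_svc_mode = VMW_DIR_SVC_MODE_STANDALONE;
    }
    else
    {
        pSetupParams->dir_svc_mode = VMW_DIR_SVC_MODE_PARTNER;

        dwError = VmwDeployAllocateStringA(
                        pszPartner,
                        &pSetupParams->pszServer);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    dwError = VmwDeployGetHostname(&pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (IsNullOrEmptyString(pszDomain))
    {
        pszDomain = VMW_DEFAULT_DOMAIN_NAME;
    }

    /* A hostname without a dot is treated as unqualified. */
    if (!strchr(pszHostname, '.'))
    {
        dwError = VmwDeployAllocateStringPrintf(
                        &pSetupParams->pszHostname,
                        "%s.%s",
                        pszHostname,
                        pszDomain);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }
    else
    {
        dwError = VmwDeployAllocateStringA(
                        pszHostname,
                        &pSetupParams->pszHostname);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (!pszUsername)
    {
        pszUsername = VMW_ADMIN_NAME;
    }

    if (IsNullOrEmptyString(pszPassword))
    {
        dwError = VmwDeployReadPassword(
                        pszUsername,
                        pszDomain,
                        &pszPassword1);
        BAIL_ON_DEPLOY_ERROR(dwError);

        pszPassword = pszPassword1;
    }

    if (!IsNullOrEmptyString(pszSubjectAltName))
    {
        dwError = VmwDeployAllocateStringA(
                        pszSubjectAltName,
                        &pSetupParams->pszSubjectAltName);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    dwError = VmwDeployAllocateStringA(pszDomain, &pSetupParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployAllocateStringA(pszUsername, &pSetupParams->pszUsername);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployAllocateStringA(pszPassword, &pSetupParams->pszPassword);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (pszSite)
    {
        dwError = VmwDeployAllocateStringA(pszSite, &pSetupParams->pszSite);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pszParentDomain)
    {
        dwError = VmwDeployAllocateStringA(
                        pszParentDomain,
                        &pSetupParams->pszParentDomainName);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pszParentDC)
    {
        dwError = VmwDeployAllocateStringA(
                        pszParentDC,
                        &pSetupParams->pszParentDC);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pszParentUserName)
    {
        dwError = VmwDeployAllocateStringA(
                        pszParentUserName,
                        &pSetupParams->pszParentUserName);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pszParentPassword)
    {
        dwError = VmwDeployAllocateStringA(
                        pszParentPassword,
                        &pSetupParams->pszParentPassword);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    *ppSetupParams = pSetupParams;

cleanup:

    if (pszPassword1)
    {
        /*
         * Scrub the password that was read interactively before the buffer
         * goes back to the heap. The volatile pointer keeps the compiler
         * from dropping the stores as dead writes.
         */
        volatile char* pszScrub = pszPassword1;

        while (*pszScrub)
        {
            *pszScrub++ = '\0';
        }

        VmwDeployFreeMemory(pszPassword1);
    }
    if (pszHostname)
    {
        VmwDeployFreeMemory(pszHostname);
    }

    return dwError;

error:

    *ppSetupParams = NULL;

    if (pSetupParams)
    {
        VmwDeployFreeSetupParams(pSetupParams);
    }

    goto cleanup;
}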
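/*
 * Parses "--option value" pairs from argv and builds the setup parameters
 * through VmwDeployBuildParams.
 *
 * Every element of argv is examined starting at index 0, so the caller is
 * expected to pass the arguments without the program name - verify against
 * the caller.
 *
 * Returns ERROR_INVALID_PARAMETER for "--help", an unrecognised argument,
 * an option given twice, or an option whose value is missing at the end of
 * the argument list. On failure *ppSetupParams is set to NULL.
 *
 * When both --domain and --parent-domain are given, the domain passed on is
 * "<domain>.<parent-domain>".
 *
 * NOTE(review): --password and --parent-password take the secret from the
 * command line, where other local users can usually read it from the
 * process listing. Leaving --password out makes VmwDeployBuildParams obtain
 * it through VmwDeployReadPassword instead.
 */
static
DWORD
ParseArgs(
    int                   argc,
    char*                 argv[],
    PVMW_IC_SETUP_PARAMS* ppSetupParams
    )
{
    DWORD dwError = 0;
    PSTR  pszDomain = NULL;
    PSTR  pszPartner = NULL;
    PSTR  pszUsername = NULL;
    PSTR  pszPassword = NULL;
    PSTR  pszSite = NULL;
    PSTR  pszSubjectAltName = NULL;
    PSTR  pszParentDomain = NULL;
    PSTR  pszParentDC = NULL;
    PSTR  pszParentUserName = NULL;
    PSTR  pszParentPassword = NULL;
    PSTR  pszFQDomainName = NULL;
    enum PARSE_MODE
    {
        PARSE_MODE_OPEN = 0,
        PARSE_MODE_DOMAIN,
        PARSE_MODE_PARTNER,
        PARSE_MODE_USERNAME,
        PARSE_MODE_PASSWORD,
        PARSE_MODE_SITE,
        PARSE_MODE_SSL_SUBJECT_ALT_NAME,
        PARSE_MODE_PARENT_DOMAIN,
        PARSE_MODE_PARENT_DC,
        PARSE_MODE_PARENT_USERNAME,
        PARSE_MODE_PARENT_PASSWORD,
    } parseMode = PARSE_MODE_OPEN;
    int iArg = 0;
    PVMW_IC_SETUP_PARAMS pSetupParams = NULL;

    for (; iArg < argc; iArg++)
    {
        char* pszArg = argv[iArg];

        switch (parseMode)
        {
            case PARSE_MODE_OPEN:

                /* Expecting an option name; it selects what the next
                 * argument is stored as. */
                if (!strcmp(pszArg, "--domain"))
                {
                    parseMode = PARSE_MODE_DOMAIN;
                }
                else if (!strcmp(pszArg, "--username"))
                {
                    parseMode = PARSE_MODE_USERNAME;
                }
                else if (!strcmp(pszArg, "--password"))
                {
                    parseMode = PARSE_MODE_PASSWORD;
                }
                else if (!strcmp(pszArg, "--partner"))
                {
                    parseMode = PARSE_MODE_PARTNER;
                }
                else if (!strcmp(pszArg, "--site"))
                {
                    parseMode = PARSE_MODE_SITE;
                }
                else if (!strcmp(pszArg, "--ssl-subject-alt-name"))
                {
                    parseMode = PARSE_MODE_SSL_SUBJECT_ALT_NAME;
                }
                else if (!strcmp(pszArg, "--parent-domain"))
                {
                    parseMode = PARSE_MODE_PARENT_DOMAIN;
                }
                else if (!strcmp(pszArg, "--parent-dc"))
                {
                    parseMode = PARSE_MODE_PARENT_DC;
                }
                else if (!strcmp(pszArg, "--parent-username"))
                {
                    parseMode = PARSE_MODE_PARENT_USERNAME;
                }
                else if (!strcmp(pszArg, "--parent-password"))
                {
                    parseMode = PARSE_MODE_PARENT_PASSWORD;
                }
                else if (!strcmp(pszArg, "--help"))
                {
                    /* Reported with the same code as a bad argument. */
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }
                else
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                break;

            case PARSE_MODE_USERNAME:

                if (pszUsername)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszUsername = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_DOMAIN:

                if (pszDomain)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszDomain = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PASSWORD:

                if (pszPassword)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszPassword = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PARTNER:

                if (pszPartner)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszPartner = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_SITE:

                if (pszSite)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszSite = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_SSL_SUBJECT_ALT_NAME:

                if (pszSubjectAltName)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszSubjectAltName = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PARENT_DOMAIN:

                if (pszParentDomain)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszParentDomain = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PARENT_DC:

                if (pszParentDC)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszParentDC = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PARENT_USERNAME:

                if (pszParentUserName)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszParentUserName = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            case PARSE_MODE_PARENT_PASSWORD:

                if (pszParentPassword)
                {
                    dwError = ERROR_INVALID_PARAMETER;
                    BAIL_ON_DEPLOY_ERROR(dwError);
                }

                pszParentPassword = pszArg;

                parseMode = PARSE_MODE_OPEN;

                break;

            default:

                dwError = ERROR_INVALID_PARAMETER;
                BAIL_ON_DEPLOY_ERROR(dwError);

                break;
        }
    }

    /*
     * The argument list ended right after an option name, so its value is
     * missing. Reject it rather than continue as if the option had never
     * been given.
     */
    if (parseMode != PARSE_MODE_OPEN)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pszParentDomain && pszDomain)
    {
        dwError = VmwDeployAllocateStringPrintf(
                        &pszFQDomainName,
                        "%s.%s",
                        pszDomain,
                        pszParentDomain);
        BAIL_ON_DEPLOY_ERROR(dwError);

        pszDomain = pszFQDomainName;
    }

    dwError = VmwDeployBuildParams(
                    pszDomain,
                    pszUsername,
                    pszPassword,
                    pszPartner,
                    pszSite,
                    pszSubjectAltName,
                    pszParentDomain,
                    pszParentDC,
                    pszParentUserName,
                    pszParentPassword,
                    &pSetupParams);
    BAIL_ON_DEPLOY_ERROR(dwError);

    *ppSetupParams = pSetupParams;

cleanup:

    if (pszFQDomainName)
    {
        VmwDeployFreeMemory(pszFQDomainName);
    }

    return dwError;

error:

    *ppSetupParams = NULL;

    if (pSetupParams)
    {
        VmwDeployFreeSetupParams(pSetupParams);
    }

    goto cleanup;
}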
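/*
 * Runs the server setup steps against the local host ("localhost"), in
 * this order:
 *
 *   1. store domain name, domain controller name, PNID and CA path
 *   2. promote the directory service (VmAfdPromoteVmDirA)
 *   3. set up the logical deployment unit over "ldap://localhost"
 *   4. configure DNS forwarders, when pParams->pszDNSForwarders is set
 *   5. create the root CA certificate and add it as a trusted root
 *   6. create the machine SSL certificate and key, and register them
 *   7. write certificate and key into the directory service config
 *      directory, then restart VMW_DIR_SVC_NAME
 *
 * The first failing step aborts the sequence and its error is returned;
 * earlier steps are not rolled back. The administrator account is always
 * VMW_ADMIN_NAME; pParams->pszUsername is not read here.
 *
 * NOTE(review): the private key is written with VmwDeployWriteToFile;
 * confirm that the resulting file is not readable by other local users.
 */
static
DWORD
VmwDeploySetupServerCommon(
    PVMW_IC_SETUP_PARAMS pParams
    )
{
    DWORD dwError = 0;
    PSTR  pszHostname = "localhost";
    PSTR  pszLdapURI = NULL;
    PSTR  pszUsername = VMW_ADMIN_NAME;
    PSTR  pszCACert = NULL;
    PSTR  pszSSLCert = NULL;
    PSTR  pszPrivateKey = NULL;
    PSTR  pszVmdirCfgPath = NULL;

    VMW_DEPLOY_LOG_INFO("Setting various configuration values");

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting Domain Name to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszDomainName));

    dwError = VmAfdSetDomainNameA(pszHostname, pParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting Domain Controller Name to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszHostname));

    dwError = VmAfdSetDCNameA(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting PNID to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszHostname));

    dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE("Setting CA Path to [%s]", VMW_DEFAULT_CA_PATH);

    dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Promoting directory service to be domain controller");

    dwError = VmAfdPromoteVmDirA(
                    pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszSite,
                    pParams->pszServer);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting up the logical deployment unit");

    dwError = VmwDeployAllocateStringPrintf(
                    &pszLdapURI,
                    "ldap://%s",
                    pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmDirSetupLdu(
                    pszLdapURI,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (!IsNullOrEmptyString(pParams->pszDNSForwarders))
    {
        VMW_DEPLOY_LOG_INFO("Setting up DNS Forwarders [%s]",
                            pParams->pszDNSForwarders);

        dwError = VmwDeploySetForwarders(
                        pParams->pszDomainName,
                        pszUsername,
                        pParams->pszPassword,
                        pParams->pszDNSForwarders);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    VMW_DEPLOY_LOG_INFO("Setting up VMware Certificate Authority");

    dwError = VmwDeployMakeRootCACert(
                    pParams->pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    &pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
            "Adding VMCA's root certificate to VMware endpoint certificate store");

    dwError = VmwDeployAddTrustedRoot(pParams->pszHostname, pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");

    /* Without an explicit subject alternative name the hostname is used. */
    dwError = VmwDeployCreateMachineSSLCert(
                    pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszHostname,
                    pParams->pszSubjectAltName ?
                        pParams->pszSubjectAltName : pParams->pszHostname,
                    &pszPrivateKey,
                    &pszSSLCert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");

    dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
            "Publishing Machine SSL certificate for directory service");

    dwError = VmwDeployGetVmDirConfigPath(&pszVmdirCfgPath);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployWriteToFile(
                    pszSSLCert,
                    pszVmdirCfgPath,
                    VMW_VMDIR_SSL_CERT_FILE);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployWriteToFile(
                    pszPrivateKey,
                    pszVmdirCfgPath,
                    VMW_VMDIR_PRIV_KEY_FILE);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Restarting service [%s]", VMW_DIR_SVC_NAME);

    dwError = VmwDeployRestartService(VMW_DIR_SVC_NAME);
    BAIL_ON_DEPLOY_ERROR(dwError);

cleanup:

    if (pszVmdirCfgPath)
    {
        VmwDeployFreeMemory(pszVmdirCfgPath);
    }
    if (pszLdapURI)
    {
        VmwDeployFreeMemory(pszLdapURI);
    }
    if (pszCACert)
    {
        VmwDeployFreeMemory(pszCACert);
    }
    if (pszPrivateKey)
    {
        /*
         * Scrub the private key text before the buffer goes back to the
         * heap. The volatile pointer keeps the compiler from dropping the
         * stores as dead writes. The key is handled as a NUL-terminated
         * string throughout this function.
         */
        volatile char* pszScrub = pszPrivateKey;

        while (*pszScrub)
        {
            *pszScrub++ = '\0';
        }

        VmwDeployFreeMemory(pszPrivateKey);
    }
    if (pszSSLCert)
    {
        VmwDeployFreeMemory(pszSSLCert);
    }

    return dwError;

error:

    goto cleanup;
}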
/*
 * Checks the administrator password against a partner server by opening a
 * directory connection to it and closing it again.
 *
 * The connection goes to "ldaps://<server>:636" as VMW_ADMIN_NAME; the
 * server is wrapped in brackets when VmDeployIsIPV6Address reports an IPv6
 * address.
 *
 * Returns 0 when the connection could be opened, ERROR_INVALID_PARAMETER
 * when pszServer is NULL/empty or pszPassword is NULL, otherwise the error
 * from the URI allocation or from VmDirConnectionOpen.
 */
DWORD
VmwDeployValidatePartnerCredentials(
    PCSTR pszServer,
    PCSTR pszPassword,
    PCSTR pszDomain
    )
{
    DWORD dwError = 0;
    PCSTR pszAdminUser = VMW_ADMIN_NAME;
    PSTR  pszPartnerURI = NULL;
    PVMDIR_CONNECTION pPartnerConn = NULL;

    VMW_DEPLOY_LOG_INFO(
            "Validating credentials to partner [%s] at domain [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pszServer),
            VMW_DEPLOY_SAFE_LOG_STRING(pszDomain));

    if (!pszPassword || IsNullOrEmptyString(pszServer))
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    /* An IPv6 literal has to be bracketed inside a URI. */
    dwError = VmwDeployAllocateStringPrintf(
                    &pszPartnerURI,
                    VmDeployIsIPV6Address(pszServer) ?
                        "ldaps://[%s]:636" : "ldaps://%s:636",
                    pszServer);
    BAIL_ON_DEPLOY_ERROR(dwError);

    /* Opening the connection is the credential check itself. */
    dwError = VmDirConnectionOpen(
                    pszPartnerURI,
                    pszDomain,
                    pszAdminUser,
                    pszPassword,
                    &pPartnerConn);
    BAIL_ON_DEPLOY_ERROR(dwError);

cleanup:

    if (pPartnerConn)
    {
        VmDirConnectionClose(pPartnerConn);
    }
    if (pszPartnerURI)
    {
        VmwDeployFreeMemory(pszPartnerURI);
    }

    return dwError;

error:

    goto cleanup;
}