static
VOID
VmDirRegConfigHandleClose(
PVMDIR_CONFIG_CONNECTION_HANDLE pCfgHandle
)
{
#ifndef _WIN32
if (pCfgHandle->hConnection)
{
if (pCfgHandle->hKey)
{
DWORD dwError = RegCloseKey(
pCfgHandle->hConnection,
pCfgHandle->hKey);
if (dwError != 0)
{ // Do not bail, best effort to cleanup.
VmDirLog(
LDAP_DEBUG_ANY,
"RegCloseKey failed, Error code: (%u)(%s)",
dwError,
VDIR_SAFE_STRING(LwWin32ErrorToName(dwError)));
}
}
RegCloseServer(pCfgHandle->hConnection);
}
#else
if (pCfgHandle->hKey)
{
RegCloseKey(pCfgHandle->hKey);
}
#endif
VMDIR_SAFE_FREE_MEMORY(pCfgHandle);
}
VOID
VmDirRegConfigHandleClose(
PVMDIR_CONFIG_CONNECTION_HANDLE pCfgHandle
)
{
#ifndef _WIN32
if (pCfgHandle->hConnection)
{
if (pCfgHandle->hKey)
{
RegCloseKey(
pCfgHandle->hConnection,
pCfgHandle->hKey);
}
RegCloseServer(pCfgHandle->hConnection);
}
#else
if (pCfgHandle->hKey)
{
RegCloseKey(pCfgHandle->hKey);
}
#endif
free(pCfgHandle);
}
static
VOID
VmAuthsvcRegConfigHandleClose(
PVMAUTHSVC_CONFIG_CONNECTION_HANDLE pCfgHandle
)
{
if (pCfgHandle->hConnection)
{
if (pCfgHandle->hKey)
{
DWORD dwError = RegCloseKey(
pCfgHandle->hConnection,
pCfgHandle->hKey);
if (dwError != 0)
{ // Do not bail, best effort to cleanup.
VmAuthsvcLog(
VMAUTHSVC_DEBUG_ANY,
"RegCloseKey failed, Error code: (%u)(%s)",
dwError,
VMAUTHSVC_SAFE_STRING(LwWin32ErrorToName(dwError)));
}
}
RegCloseServer(pCfgHandle->hConnection);
}
VMAUTHSVC_SAFE_FREE_MEMORY(pCfgHandle);
}
DWORD
VmAuthsvcConfigSetAdminCredentials(
PCSTR pszUserDN,
PCSTR pszPassword
)
{
DWORD dwError = 0;
PCSTR pszParamsKeyPath = VMAUTHSVC_CONFIG_PARAMETER_KEY_PATH;
PCSTR pszValueAdminDN = VMAUTHSVC_REG_KEY_ADMIN_DN;
PCSTR pszCredsKeyPath = VMAUTHSVC_CONFIG_CREDS_KEY_PATH;
PCSTR pszValueAdminPassword = VMAUTHSVC_REG_KEY_ADMIN_PASSWD;
HANDLE hConnection = NULL;
if (IsNullOrEmptyString(pszUserDN) || !pszPassword)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAUTHSVC_ERROR(dwError);
}
dwError = RegOpenServer(&hConnection);
BAIL_ON_VMAUTHSVC_ERROR(dwError);
dwError = RegUtilSetValue(
hConnection,
HKEY_THIS_MACHINE,
pszParamsKeyPath,
NULL,
pszValueAdminDN,
REG_SZ,
(PVOID)pszUserDN,
VmAuthsvcStringLenA(pszUserDN));
BAIL_ON_VMAUTHSVC_ERROR(dwError);
dwError = RegUtilSetValue(
hConnection,
HKEY_THIS_MACHINE,
pszCredsKeyPath,
NULL,
pszValueAdminPassword,
REG_SZ,
(PVOID)pszPassword,
VmAuthsvcStringLenA(pszPassword));
BAIL_ON_VMAUTHSVC_ERROR(dwError);
error:
if (hConnection)
{
RegCloseServer(hConnection);
}
return dwError;
}
DWORD
DeleteTreeFromRegistry(
PCSTR pszPath
)
{
DWORD ceError = ERROR_SUCCESS;
HANDLE hReg = (HANDLE)NULL;
HKEY pRootKey = NULL;
ceError = RegOpenServer(&hReg);
BAIL_ON_CENTERIS_ERROR(ceError);
ceError = RegOpenKeyExA(
hReg,
NULL,
HKEY_THIS_MACHINE,
0,
KEY_ALL_ACCESS,
&pRootKey);
if (ceError)
{
DJ_LOG_ERROR( "Failed to open registry root key %s",HKEY_THIS_MACHINE);
goto error;
}
ceError = RegDeleteTreeA(
hReg,
pRootKey,
pszPath);
if (ceError)
{
//Donot log if ceError is about the key which is not present
ceError = ERROR_SUCCESS;
}
cleanup:
RegCloseKey(hReg, pRootKey);
pRootKey = NULL;
RegCloseServer(hReg);
hReg = NULL;
return(ceError);
error:
goto cleanup;
}
VOID
LwpsLegacyCloseProvider(
IN PLWPS_LEGACY_STATE pContext
)
{
if (pContext)
{
if (pContext->hReg)
{
RegCloseServer(pContext->hReg);
}
LwpsLegacyFreeSecurityDescriptor(&pContext->pPasswordSecurityDescriptor);
LwpsLegacyFreeSecurityDescriptor(&pContext->pAccountSecurityDescriptor);
LwFreeMemory(pContext);
}
}
VOID
EVTCloseConfig(
PEVT_CONFIG_REG pReg
)
{
if ( pReg )
{
LW_SAFE_FREE_STRING(pReg->pszConfigKey);
LW_SAFE_FREE_STRING(pReg->pszPolicyKey);
if ( pReg->hConnection )
{
if ( pReg->hKey )
{
RegCloseKey(pReg->hConnection, pReg->hKey);
pReg->hKey = NULL;
}
RegCloseServer(pReg->hConnection);
pReg->hConnection = NULL;
}
LW_SAFE_FREE_MEMORY(pReg);
}
}
DWORD
LwSmPopulateTable(
VOID
)
{
DWORD dwError = 0;
HANDLE hReg = NULL;
PWSTR* ppwszNames = NULL;
PWSTR pwszName = NULL;
PLW_SERVICE_INFO pInfo = NULL;
PSM_TABLE_ENTRY pEntry = NULL;
size_t i = 0;
SM_LOG_VERBOSE("Populating service table");
dwError = RegOpenServer(&hReg);
BAIL_ON_ERROR(dwError);
dwError = LwSmRegistryEnumServices(hReg, &ppwszNames);
switch (dwError)
{
case LWREG_ERROR_NO_SUCH_KEY_OR_VALUE:
/* No services in registry */
dwError = 0;
goto cleanup;
}
BAIL_ON_ERROR(dwError);
for (i = 0; ppwszNames[i]; i++)
{
pwszName = ppwszNames[i];
LwSmCommonFreeServiceInfo(pInfo);
pInfo = NULL;
dwError = LwSmRegistryReadServiceInfo(hReg, pwszName, &pInfo);
switch (dwError)
{
case LWREG_ERROR_NO_SUCH_KEY_OR_VALUE:
dwError = 0;
continue;
default:
break;
}
BAIL_ON_ERROR(dwError);
dwError = LwSmTableGetEntry(pwszName, &pEntry);
if (!dwError)
{
dwError = LwSmTableUpdateEntry(pEntry, pInfo, LW_SERVICE_INFO_MASK_ALL);
BAIL_ON_ERROR(dwError);
}
else if (dwError == LW_ERROR_NO_SUCH_SERVICE)
{
dwError = LwSmTableAddEntry(pInfo, &pEntry);
BAIL_ON_ERROR(dwError);
}
else
{
BAIL_ON_ERROR(dwError);
}
LwSmTableReleaseEntry(pEntry);
pEntry = NULL;
}
cleanup:
LwSmFreeStringList(ppwszNames);
LwSmCommonFreeServiceInfo(pInfo);
if (hReg)
{
RegCloseServer(hReg);
}
return dwError;
error:
goto cleanup;
}
static
DWORD
VmwDeployDisableAfdListener(
void
)
{
DWORD dwError = 0;
HANDLE hConnection = NULL;
HKEY hRootKey = NULL;
HKEY hParamKey = NULL;
DWORD dwValue = 0;
dwError = RegOpenServer(&hConnection);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = RegOpenKeyExA(
hConnection,
NULL,
"HKEY_THIS_MACHINE",
0,
KEY_READ,
&hRootKey);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = RegOpenKeyExA(
hConnection,
hRootKey,
"Services\\vmafd\\Parameters",
0,
KEY_SET_VALUE,
&hParamKey);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = RegSetValueExA(
hConnection,
hParamKey,
"EnableDCERPC",
0,
REG_DWORD,
(PBYTE)&dwValue,
sizeof(dwValue));
BAIL_ON_DEPLOY_ERROR(dwError);
cleanup:
if (hConnection)
{
if (hParamKey)
{
RegCloseKey(hConnection, hParamKey);
}
if (hRootKey)
{
RegCloseKey(hConnection, hRootKey);
}
RegCloseServer(hConnection);
}
return dwError;
error:
goto cleanup;
}
DWORD
SetBooleanRegistryValue(
PCSTR path,
PCSTR name,
BOOL value
)
{
DWORD ceError = ERROR_SUCCESS;
HANDLE hReg = (HANDLE)NULL;
HKEY pRootKey = NULL;
HKEY pNodeKey = NULL;
DWORD dwValue = 0;
if (value)
{
dwValue = 1;
}
ceError = RegOpenServer(&hReg);
BAIL_ON_CENTERIS_ERROR(ceError);
ceError = RegOpenKeyExA(
hReg,
NULL,
HKEY_THIS_MACHINE,
0,
KEY_ALL_ACCESS,
&pRootKey);
if (ceError)
{
DJ_LOG_ERROR( "Failed to open registry root key %s",HKEY_THIS_MACHINE);
goto error;
}
ceError = RegOpenKeyExA(
hReg,
pRootKey,
path,
0,
KEY_ALL_ACCESS,
&pNodeKey);
if (ceError)
{
DJ_LOG_ERROR( "Failed to open registry key %s\\%s",HKEY_THIS_MACHINE, path);
goto error;
}
ceError = RegSetValueExA(
hReg,
pNodeKey,
name,
0,
REG_DWORD,
(const BYTE*) &dwValue,
sizeof(dwValue));
if (ceError)
{
DJ_LOG_ERROR( "Failed to set registry value %s with value %d", name, value ? 1 : 0);
goto error;
}
cleanup:
if (hReg)
{
if (pNodeKey)
{
RegCloseKey(hReg, pNodeKey);
pNodeKey = NULL;
}
if (pRootKey)
{
RegCloseKey(hReg, pRootKey);
pRootKey = NULL;
}
RegCloseServer(hReg);
hReg = NULL;
}
return(ceError);
error:
goto cleanup;
}
DWORD
SetStringRegistryValue(
PCSTR path,
PCSTR name,
PSTR value
)
{
DWORD ceError = ERROR_SUCCESS;
HANDLE hReg = (HANDLE)NULL;
HKEY pRootKey = NULL;
HKEY pNodeKey = NULL;
char szEmpty[2] = "";
if (!value)
{
value = szEmpty;
}
ceError = RegOpenServer(&hReg);
BAIL_ON_CENTERIS_ERROR(ceError);
ceError = RegOpenKeyExA(
hReg,
NULL,
HKEY_THIS_MACHINE,
0,
KEY_ALL_ACCESS,
&pRootKey);
if (ceError)
{
DJ_LOG_ERROR( "Failed to open registry root key %s",HKEY_THIS_MACHINE);
goto error;
}
ceError = RegOpenKeyExA(
hReg,
pRootKey,
path,
0,
KEY_ALL_ACCESS,
&pNodeKey);
if (ceError)
{
DJ_LOG_ERROR( "Failed to open registry key %s\\%s",HKEY_THIS_MACHINE, path);
goto error;
}
ceError = RegSetValueExA(
hReg,
pNodeKey,
name,
0,
REG_SZ,
(const BYTE*)value,
(DWORD)strlen(value)+1);
if (ceError)
{
DJ_LOG_ERROR( "Failed to set registry value %s with value %s", name, value);
goto error;
}
cleanup:
if (hReg)
{
if (pNodeKey)
{
RegCloseKey(hReg, pNodeKey);
pNodeKey = NULL;
}
if (pRootKey)
{
RegCloseKey(hReg, pRootKey);
pRootKey = NULL;
}
RegCloseServer(hReg);
hReg = NULL;
}
return(ceError);
error:
goto cleanup;
}
static
DWORD
UmnSrvUpdateAccountInfo(
long long Now
)
{
DWORD dwError = 0;
HANDLE hLsass = NULL;
HANDLE hReg = NULL;
HKEY hParameters = NULL;
BOOLEAN bLocalDBOpen = FALSE;
// Do not free
PSTR pDisableLsassEnum = NULL;
DWORD lastUpdated = 0;
DWORD lastUpdatedLen = sizeof(lastUpdated);
PLW_EVENTLOG_CONNECTION pConn = NULL;
dwError = LwEvtOpenEventlog(
NULL,
&pConn);
BAIL_ON_UMN_ERROR(dwError);
dwError = LsaOpenServer(&hLsass);
BAIL_ON_UMN_ERROR(dwError);
dwError = RegOpenServer(&hReg);
BAIL_ON_UMN_ERROR(dwError);
dwError = RegOpenKeyExA(
hReg,
NULL,
HKEY_THIS_MACHINE "\\Services\\" SERVICE_NAME "\\Parameters",
0,
KEY_ALL_ACCESS,
&hParameters);
BAIL_ON_UMN_ERROR(dwError);
dwError = RegGetValueA(
hReg,
hParameters,
NULL,
"LastUpdated",
0,
NULL,
(PBYTE)&lastUpdated,
&lastUpdatedLen);
if (dwError == LWREG_ERROR_NO_SUCH_KEY_OR_VALUE)
{
lastUpdated = 0;
dwError = 0;
}
BAIL_ON_UMN_ERROR(dwError);
/* processing local users/groups so disable AD user/group enumeration */
pDisableLsassEnum = getenv("_DISABLE_LSASS_NSS_ENUMERATION");
if (!pDisableLsassEnum || strcmp(pDisableLsassEnum, "1"))
{
/* Note, this code must leak memory.
*
* Putenv uses the memory passed to it, that it is it does not copy the
* string. There is no Unix standard to unset an environment variable,
* and the string passed to putenv must be accessible as long as the
* program is running. A static string cannot be used because the
* container could out live this service. There is no opportunity to
* free the string before the program ends, because the variable must
* be accessible for the duration of the program.
*/
dwError = LwAllocateString(
"_DISABLE_LSASS_NSS_ENUMERATION=1",
&pDisableLsassEnum);
BAIL_ON_UMN_ERROR(dwError);
putenv(pDisableLsassEnum);
}
setpwent();
setgrent();
bLocalDBOpen = TRUE;
dwError = UmnSrvUpdateUsers(
hLsass,
pConn,
hReg,
hParameters,
lastUpdated,
Now);
BAIL_ON_UMN_ERROR(dwError);
dwError = UmnSrvUpdateGroups(
hLsass,
pConn,
hReg,
hParameters,
lastUpdated,
Now);
BAIL_ON_UMN_ERROR(dwError);
endpwent();
endgrent();
bLocalDBOpen = FALSE;
dwError = UmnSrvUpdateADAccounts(
hLsass,
pConn,
hReg,
hParameters,
lastUpdated,
Now);
BAIL_ON_UMN_ERROR(dwError);
lastUpdated = Now;
dwError = RegSetValueExA(
hReg,
hParameters,
"LastUpdated",
0,
REG_DWORD,
(PBYTE)&lastUpdated,
sizeof(lastUpdated));
BAIL_ON_UMN_ERROR(dwError);
cleanup:
if (bLocalDBOpen)
{
endpwent();
endgrent();
}
if (hLsass)
{
LsaCloseServer(hLsass);
}
if (hReg)
{
RegCloseServer(hReg);
}
if (pConn)
{
LwEvtCloseEventlog(pConn);
}
return dwError;
error:
goto cleanup;
}
int main(int argc, char *argv[])
{
DWORD dwError;
HANDLE hReg = NULL;
PLWREG_VALUE_ATTRIBUTES pAttr = NULL;
PLWREG_VALUE_ATTRIBUTES pAttr_int = NULL;
PWSTR* ppwszRootKeyNames = NULL;
DWORD dwNumRootKeys = 0;
wchar16_t szSubKey[] = {'a', 0};
wchar16_t szSubKey1[] = {'b', 0};
wchar16_t szValueName[] = {'a','t','t','r',0};
wchar16_t szValueName1[] = {'a','t','t','r','1',0};
HKEY hKey = NULL;
HKEY hSubKey = NULL;
HKEY hSubSubKey = NULL;
PLWREG_CURRENT_VALUEINFO pCurrentValue = NULL;
PLWREG_VALUE_ATTRIBUTES pValueAttributes = NULL;
PLWREG_VALUE_ATTRIBUTES pValueAttributes_int = NULL;
ValueAttribute.Range.ppszRangeEnumStrings = ppszRangeEnumStrings;
ValueAttribute_int.Range.RangeInteger.Max = 100;
ValueAttribute_int.Range.RangeInteger.Min = 1;
DWORD dwType = REG_NONE;
PBYTE pData[MAX_VALUE_LENGTH] = {0};
DWORD cbData = MAX_VALUE_LENGTH;
wchar16_t pCurrData[] = {'C', 'u', 'r', 'r', 'e', 'n', 't', 0};
dwError = RegConvertValueAttributesAToW(ValueAttribute,
&pAttr);
BAIL_ON_REG_ERROR(dwError);
dwError = RegConvertValueAttributesAToW(ValueAttribute_int,
&pAttr_int);
BAIL_ON_REG_ERROR(dwError);
dwError = RegOpenServer(&hReg);
BAIL_ON_REG_ERROR(dwError);
dwError = RegEnumRootKeysW(hReg,
&ppwszRootKeyNames,
&dwNumRootKeys);
BAIL_ON_REG_ERROR(dwError);
dwError = RegOpenKeyExW(
hReg,
NULL,
ppwszRootKeyNames[0],
0,
KEY_ALL_ACCESS | KEY_SET_VALUE | KEY_CREATE_SUB_KEY | DELETE,
&hKey);
BAIL_ON_REG_ERROR(dwError);
dwError = RegCreateKeyExW(
hReg,
hKey,
szSubKey,
0,
NULL,
0,
KEY_ALL_ACCESS,
NULL,
&hSubKey,
NULL);
BAIL_ON_REG_ERROR(dwError);
dwError = RegCreateKeyExW(
hReg,
hSubKey,
szSubKey1,
0,
NULL,
0,
KEY_ALL_ACCESS,
NULL,
&hSubSubKey,
NULL);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hKey,
NULL,
szValueName,
pAttr);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hKey,
NULL,
szValueName1,
pAttr_int);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hKey,
szSubKey,
szValueName,
pAttr);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hKey,
szSubKey,
szValueName1,
pAttr);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hSubSubKey,
NULL,
szValueName1,
pAttr_int);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueAttributesW(
hReg,
hSubSubKey,
NULL,
szValueName,
pAttr);
BAIL_ON_REG_ERROR(dwError);
dwError = RegGetValueAttributesW(
hReg,
hKey,
NULL,
szValueName,
&pCurrentValue,
&pValueAttributes);
BAIL_ON_REG_ERROR(dwError);
dwError = RegGetValueAttributesW(
hReg,
hKey,
NULL,
szValueName1,
NULL,
&pValueAttributes_int);
BAIL_ON_REG_ERROR(dwError);
dwError = RegSetValueExW(
hReg,
hSubKey,
szValueName,
0,
REG_SZ,
(const BYTE*)pCurrData,
(wc16slen(pCurrData)+1)*sizeof(*pCurrData));
BAIL_ON_REG_ERROR(dwError);
dwError = RegGetValueW(
hReg,
hKey,
szSubKey,
szValueName,
RRF_RT_REG_NONE,
&dwType,
pData,
&cbData);
BAIL_ON_REG_ERROR(dwError);
dwError = RegDeleteValueAttributesW(
hReg,
hKey,
NULL,
szValueName);
BAIL_ON_REG_ERROR(dwError);
dwError = RegDeleteTreeW(
hReg,
hKey,
szSubKey);
if (LWREG_ERROR_KEY_IS_ACTIVE == dwError)
{
if (hSubKey)
{
RegCloseKey(hReg, hSubKey);
}
if (hSubSubKey)
{
RegCloseKey(hReg, hSubSubKey);
}
dwError = RegDeleteTreeW(
hReg,
hKey,
szSubKey);
BAIL_ON_REG_ERROR(dwError);
}
BAIL_ON_REG_ERROR(dwError);
cleanup:
if (hKey)
{
RegCloseKey(hReg, hKey);
}
if (hSubKey)
{
RegCloseKey(hReg, hSubKey);
}
if (hSubSubKey)
{
RegCloseKey(hReg, hSubSubKey);
}
if (hReg)
{
RegCloseServer(hReg);
}
RegFreeWC16StringArray(ppwszRootKeyNames,
dwNumRootKeys);
RegSafeFreeValueAttributes(&pAttr);
RegSafeFreeCurrentValueInfo(&pCurrentValue);
RegSafeFreeValueAttributes(&pValueAttributes);
return dwError;
error:
goto cleanup;
}
