Esempio n. 1
0
static
DWORD
VmAfdAllocateSidFromUid(
    uid_t uid,
    PSID *ppSid)
{
    DWORD dwError = 0;
    NTSTATUS ntStatus = 0;
    PSID pSid = NULL;
    PSTR pszSid = NULL;

    dwError = VmAfdAllocateStringPrintf(
                   &pszSid,
                   "S-1-22-1-%d", /* Unix uid SID string */
                   uid);
    BAIL_ON_VMAFD_ERROR(dwError);

    ntStatus = RtlAllocateSidFromCString(
                   &pSid,
                   pszSid);
    dwError = LwNtStatusToWin32Error(ntStatus);
    BAIL_ON_VMAFD_ERROR(dwError);

    *ppSid = pSid;

cleanup:
    VMAFD_SAFE_FREE_STRINGA(pszSid);
    return dwError;

error:
    goto cleanup;
}
Esempio n. 2
0
static
DWORD
VmAfdAllocateSidFromGid(
    gid_t gid,
    PSID *ppSid)
{
    DWORD dwError = 0;
    PSID pSid = NULL;
    PSTR pszSid = NULL;

    dwError = VmAfdAllocateStringPrintf(
                   &pszSid,
                   "S-1-22-2-%d", /* Unix gid SID string */
                   gid);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateSidFromCString(
                   &pSid,
                   pszSid);
    BAIL_ON_VMAFD_ERROR(dwError);

    *ppSid = pSid;

cleanup:
    VMAFD_SAFE_FREE_STRINGA(pszSid);
    return dwError;

error:
    goto cleanup;
}
Esempio n. 3
0
static
DWORD
_VmAfdWriteSuperlogEntryToEventLog(
    PVMAFD_SUPERLOG_ENTRY superlogEntry
    )
{
    DWORD dwError = 0;
    PCSTR pszDelimiter = "||";
    PSTR pszMarshalledEntry = NULL;

    dwError = VmAfdAllocateStringPrintf(
            &pszMarshalledEntry,
            "%u%s%u%s%u%s%lu%s",
            superlogEntry->dwErrorCode, pszDelimiter,
            superlogEntry->dwCDCLastPing, pszDelimiter,
            superlogEntry->iStartTime, pszDelimiter,
            superlogEntry->iEndTime, pszDelimiter
            );
    BAIL_ON_VMAFD_ERROR(dwError);

cleanup:
    VMAFD_SAFE_FREE_MEMORY(pszMarshalledEntry);
    return dwError;

error:
    goto cleanup;
}
Esempio n. 4
0
static
DWORD
VmAfdCheckCertOnDisk(
    PCSTR    pszAlias,
    PCSTR    pszCAPath,
    PCSTR    pszFilename,
    LONG     maxIndex,
    PBOOLEAN pbCertOnDisk
    )
{
    DWORD dwError = 0;
    LONG  index = 0;
    BOOLEAN bCertOnDisk = FALSE;
    PSTR  pszPath = NULL;
    PSTR  pszAliasOther = NULL;

    // Note : maxIndex starts from 0
    for (; !bCertOnDisk && (index <= maxIndex); index++)
    {
        VMAFD_SAFE_FREE_MEMORY(pszPath);

        dwError = VmAfdAllocateStringPrintf(
                        &pszPath,
                        "%s%s%s.%ld",
                        pszCAPath,
                        VMAFD_PATH_SEPARATOR_STR,
                        pszFilename,
                        index);
        BAIL_ON_VMAFD_ERROR(dwError);

        VMAFD_SAFE_FREE_MEMORY(pszAliasOther);

        dwError = VecsComputeCertAliasFile(pszPath, &pszAliasOther);
        BAIL_ON_VMAFD_ERROR(dwError);

        if (!VmAfdStringCompareA(pszAlias, pszAliasOther, FALSE))
        {
            bCertOnDisk = TRUE;
        }
    }

    *pbCertOnDisk = bCertOnDisk;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pszPath);
    VMAFD_SAFE_FREE_MEMORY(pszAliasOther);

    return dwError;

error:

    *pbCertOnDisk = FALSE;

    goto cleanup;
}
Esempio n. 5
0
static
DWORD
GetPassword(
    PSTR *ppszPassword
    )
{
    CHAR pszPasswordBuff[100] = {0};
    PSTR pszPassword = NULL;
    DWORD dwError = 0;
    struct termios tp, save;

    fflush(stdout);

    tcgetattr(0, &tp) ;
    memcpy (&save, &tp, sizeof (struct termios));
    save.c_lflag &= ~ECHO;                /* ECHO off, other bits unchanged */
    tcsetattr(0, TCSANOW, &save);

    if (!fgets(pszPasswordBuff, 100, stdin) && ferror(stdin))
    {
        dwError = LwErrnoToWin32Error(ferror(stdin));
        BAIL_ON_VMAFD_ERROR (dwError);
    }

    if (pszPasswordBuff[strlen(pszPasswordBuff)-1] == '\n')
    {
        pszPasswordBuff[strlen(pszPasswordBuff)-1] = '\0';
    }

    dwError = VmAfdAllocateStringPrintf(
                                        &pszPassword,
                                        "%s",
                                        pszPasswordBuff
                                       );
    BAIL_ON_VMAFD_ERROR (dwError);

    *ppszPassword = pszPassword;

cleanup:

    tcsetattr(0, TCSANOW, &tp);

    fflush (stdin);

    return dwError;

error:
    if (ppszPassword)
    {
        *ppszPassword = NULL;
    }

    VMAFD_SAFE_FREE_MEMORY (pszPassword);

    goto cleanup;
}
Esempio n. 6
0
DWORD
VmAfdConnectLdapWithMachineAccount(
    LDAP** ppLotus
    )
{
    DWORD dwError = 0;
    LDAP* pLotus = NULL;
    PSTR pszUpn = NULL;
    PVMAFD_REG_ARG pArgs = NULL;
    PWSTR pwszDCName = NULL;
    PSTR pszDCName = NULL;

    dwError = VmAfdGetMachineInfo(&pArgs);
    BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);

    dwError = VmAfSrvGetAffinitizedDC(&pwszDCName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(pwszDCName, &pszDCName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                &pszUpn,
                "%s@%s",
                pArgs->pszAccount,
                pArgs->pszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdLDAPConnect(
                pszDCName,
                LDAP_PORT,
                pszUpn,
                pArgs->pszPassword,
                &pLotus);
    BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);

    *ppLotus = pLotus;

cleanup:
    VMAFD_SAFE_FREE_STRINGA(pszUpn);
    VMAFD_SAFE_FREE_STRINGA(pszDCName);
    VMAFD_SAFE_FREE_STRINGW(pwszDCName);
    VmAfdFreeRegArgs(pArgs);
    return dwError;
error:
    if (pLotus)
    {
        VmAfdLdapClose(pLotus);
    }
    goto cleanup;

}
Esempio n. 7
0
DWORD
VmAfdLDAPConnect(
    PSTR   pszHostName,
    DWORD  dwPort,
    PCSTR   pszUpn,
    PCSTR   pszPassword,
    LDAP** ppLotus
    )
{
    DWORD dwError = 0;
    LDAP* pDirectory = NULL;
    PSTR pszLdapURI = NULL;

    if (dwPort == 0)
    {
        dwPort = LDAP_PORT;
    }

    if (VmAfdIsIPV6AddrFormat(pszHostName))
    {
        dwError = VmAfdAllocateStringPrintf(
                &pszLdapURI,
                "ldap://[%s]:%d",
                pszHostName,
                dwPort);
    }
    else
    {
        dwError = VmAfdAllocateStringPrintf(
                &pszLdapURI,
                "ldap://%s:%d",
                pszHostName,
                dwPort);
    }
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmDirSafeLDAPBind(
                    &pDirectory,
                    pszHostName,
                    pszUpn,
                    pszPassword);
    BAIL_ON_VMAFD_ERROR(dwError);

    *ppLotus = pDirectory;

cleanup:
    VMAFD_SAFE_FREE_MEMORY(pszLdapURI);

    return dwError;

error:

    *ppLotus = NULL;

    if (pDirectory != NULL)
    {
        ldap_unbind_ext(pDirectory, NULL, NULL);
    }

    goto cleanup;
}
Esempio n. 8
0
static
DWORD
VmAfdSrvWriteRootToDisk(
    PCSTR pszCertificate,
    PCSTR pszCAPath,
    PCSTR pszFilename
    )
{
    DWORD dwError = 0;
    LONG  maxIndex = -1;
    PSTR  pszPath = NULL;
    PSTR  pszAlias = NULL;
    FILE* pFile = NULL;
    size_t len = 0;
    size_t bytesToWrite = 0;
    BOOLEAN bCertOnDisk = FALSE;
    PCSTR   pszCursor = NULL;

    dwError = VmAfdFindFileIndex(pszCAPath, pszFilename, &maxIndex);
    if (dwError != ERROR_FILE_NOT_FOUND)
    {
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VecsComputeCertAliasA((PSTR)pszCertificate, &pszAlias);
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VmAfdCheckCertOnDisk(
                        pszAlias,
                        pszCAPath,
                        pszFilename,
                        maxIndex,
                        &bCertOnDisk);
        BAIL_ON_VMAFD_ERROR(dwError);

        if (bCertOnDisk)
        {
            goto cleanup;
        }
    }

    dwError = VmAfdAllocateStringPrintf(
                    &pszPath,
                    "%s%s%s.%ld",
                    pszCAPath,
                    VMAFD_PATH_SEPARATOR_STR,
                    pszFilename,
                    maxIndex+1);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdOpenFilePath(pszPath, "w", &pFile);
    BAIL_ON_VMAFD_ERROR(dwError);

    len = strlen(pszCertificate);
    bytesToWrite = len;
    pszCursor = pszCertificate;

    while (bytesToWrite > 0)
    {
        size_t bytesWritten = 0;

        if ((bytesWritten = fwrite(pszCursor, 1, len, pFile)) == 0)
        {
#ifndef _WIN32
            dwError = LwErrnoToWin32Error(errno);
#else
            dwError = GetLastError();
#endif
            BAIL_ON_VMAFD_ERROR(dwError);
        }

        pszCursor += bytesWritten;
        bytesToWrite -= bytesWritten;
    }

cleanup:

    if (pFile)
    {
        fclose(pFile);
    }

    VMAFD_SAFE_FREE_MEMORY(pszPath);
    VMAFD_SAFE_FREE_MEMORY(pszAlias);

    return dwError;

error:

    goto cleanup;
}
Esempio n. 9
0
static
DWORD
GetPassword(
    PSTR *ppszPassword
    )
{
    CHAR pszPasswordBuff[100] = {0};
    PSTR pszPassword = NULL;
    DWORD dwError = 0;
    HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE);
    DWORD mode = 0;
    fflush(stdout);
    if (!GetConsoleMode(hStdin, &mode))
    {
        dwError = GetLastError();
        BAIL_ON_VMAFD_ERROR (dwError);
    }
    if (!SetConsoleMode(hStdin, mode & (~ENABLE_ECHO_INPUT)))
    {
        dwError = GetLastError();
        BAIL_ON_VMAFD_ERROR (dwError);
    }
    if (!fgets(pszPasswordBuff, 100, stdin) && ferror(stdin))
    {
        dwError = GetLastError();
        BAIL_ON_VMAFD_ERROR (dwError);
    }

    if (pszPasswordBuff[strlen(pszPasswordBuff)-1] == '\n')
    {
        pszPasswordBuff[strlen(pszPasswordBuff)-1] = '\0';
    }

    dwError = VmAfdAllocateStringPrintf(
                                        &pszPassword,
                                        "%s",
                                        pszPasswordBuff
                                       );
    BAIL_ON_VMAFD_ERROR (dwError);

    *ppszPassword = pszPassword;

cleanup:

    if (!SetConsoleMode(hStdin, mode))
    {
        dwError = GetLastError();
        BAIL_ON_VMAFD_ERROR (dwError);
    }
    fflush (stdin);

    return dwError;

error:
    if (ppszPassword)
    {
        *ppszPassword = NULL;
    }

    VMAFD_SAFE_FREE_MEMORY (pszPassword);

    goto cleanup;
}
Esempio n. 10
0
static
DWORD
VmAfdCliBeginOrEndUpgrade(
    PVM_AFD_CLI_CONTEXT pContext
    )
{
    DWORD dwError = 0;
    PSTR pszAccount = NULL;
    PSTR pszPassword = NULL;
    PSTR pszDomainName = NULL;
    BOOL bUsingIPC = FALSE;
    PVMAFD_SERVER pServer = NULL;

    if (!pContext)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = VmAfdGetDomainNameA(NULL,&pszDomainName);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (IsNullOrEmptyString(pContext->pszServerName))
    {
        bUsingIPC = TRUE;
    }

    if (bUsingIPC && !IsNullOrEmptyString(pContext->pszUserName))
    {
        printf ("Getting heartbeat status of local system\n"
                "lightwave user-name will not be used\n"
               );
    }

    if (!bUsingIPC)
    {
      //Factor domain name as well into this equation
        if(IsNullOrEmptyString(pContext->pszUserName))
        {
            dwError = VmAfdGetMachineAccountInfoA(NULL, &pszAccount, &pszPassword);
        }
        else
        {
            if (VmAfdCaselessStrStrA(pContext->pszUserName, "@"))
            {
                dwError = VmAfdAllocateStringA(pContext->pszUserName, &pszAccount);
            }
            else
            {
                dwError = VmAfdAllocateStringPrintf(
                                                  &pszAccount,
                                                  "%s@%s",
                                                  pContext->pszUserName,
                                                  pszDomainName
                                                  );
            }
            BAIL_ON_VMAFD_ERROR(dwError);

            if (IsNullOrEmptyString(pContext->pszPassword))
            {
                dwError = GetPassword(&pszPassword);
            }
            else
            {
                dwError = VmAfdAllocateStringA(pContext->pszPassword, &pszPassword);
            }
            BAIL_ON_VMAFD_ERROR(dwError);
        }
    }
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdOpenServerA(
                          pContext->pszServerName,
                          pszAccount,
                          pszPassword,
                          &pServer
                          );
    BAIL_ON_VMAFD_ERROR(dwError);

    if (pContext->action == VM_AFD_ACTION_BEGIN_UPGRADE)
    {
        dwError = VmAfdBeginUpgrade(pServer);
        BAIL_ON_VMAFD_ERROR(dwError);
        printf ("Begin upgrade state is set\n");
    }
    else if (pContext->action == VM_AFD_ACTION_END_UPGRADE)
    {
        dwError = VmAfdEndUpgrade(pServer);
        BAIL_ON_VMAFD_ERROR(dwError);
        printf ("End upgrade state is set\n");
    }

cleanup:
    VMAFD_SAFE_FREE_MEMORY(pszAccount);
    VMAFD_SAFE_FREE_MEMORY(pszPassword);
    VMAFD_SAFE_FREE_MEMORY(pszDomainName);
    if (pServer)
    {
        VmAfdCloseServer(pServer);
    }
    return dwError;

error:

    goto cleanup;
}
Esempio n. 11
0
DWORD
VmAfdRestPasswordRefresh(
    PCSTR pszServer,
    PCSTR pszDomain,
    PCSTR pszUser,
    PCSTR pszPass,
    BOOLEAN bForce,
    BOOLEAN bInsecure,
    PSTR *ppszNewPass
    )
{
    DWORD dwError = 0;
    PSTR pszToken = NULL;
    PSTR pszNewPass = NULL;
    PSTR pszUrl = NULL;
    PVM_HTTP_CLIENT pHttpClient = NULL;
    PSTR pszParamString = NULL;
    PCSTR pszResult = NULL;
    PWSTR pwszCAPath = NULL;
    PSTR pszCAPath = NULL;

    if (IsNullOrEmptyString(pszServer) ||
        IsNullOrEmptyString(pszDomain) ||
        IsNullOrEmptyString(pszUser) ||
        IsNullOrEmptyString(pszPass) ||
        !ppszNewPass)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    if (bInsecure)
    {
        pszCAPath = NULL;
    }
    else
    {
        dwError = VmAfSrvGetCAPath(&pwszCAPath);
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VmAfdAllocateStringAFromW(pwszCAPath, &pszCAPath);
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    /* acquire token */
    dwError = VmAfdAcquireOIDCToken(
                  pszServer,
                  pszDomain,
                  pszUser,
                  pszPass,
                  pszCAPath,
                  VMAFD_OIDC_VMDIR_SCOPE,
                  &pszToken);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                  &pszParamString,
                  "?force=%s",
                  bForce?"true":"false");
    BAIL_ON_VMAFD_ERROR(dwError);

    /* make rest url */
    dwError = VmFormatUrl(
                  "https",
                  pszServer,
                  VMDIR_REST_API_HTTPS_PORT,
                  VMDIR_REST_API_BASE"/"VMDIR_REST_API_PASSWORD_REFRESH_CMD,
                  pszParamString,
                  &pszUrl);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmHttpClientInit(&pHttpClient, pszCAPath);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmHttpClientSetToken(pHttpClient,
                                   VMHTTP_TOKEN_TYPE_BEARER,
                                   pszToken);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmHttpClientPerform(pHttpClient, VMHTTP_METHOD_POST, pszUrl);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmHttpClientGetResult(pHttpClient, &pszResult);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = _VmAfdGetHttpResultPassword(pszResult, &pszNewPass);
    BAIL_ON_VMAFD_ERROR(dwError);

    /* pszPassword could be NULL if force is not set or not aged */
    /* caller handles this scenario */
    *ppszNewPass = pszNewPass;

cleanup:
    VmHttpClientFreeHandle(pHttpClient);
    VMAFD_SAFE_FREE_MEMORY(pszCAPath);
    VMAFD_SAFE_FREE_MEMORY(pwszCAPath);
    VMAFD_SAFE_FREE_STRINGA(pszParamString);
    VMAFD_SAFE_FREE_STRINGA(pszUrl);
    VMAFD_SAFE_FREE_STRINGA(pszToken);
    return dwError;

error:
    VMAFD_SAFE_FREE_STRINGA(pszNewPass);
    goto cleanup;
}
Esempio n. 12
0
DWORD
VmDdnsUpdateMakePacket(
    PSTR pszZone,
    PSTR pszHostname,
    PSTR pszName,
    PSTR* ppDnsPacket,
    DWORD* ppacketSize,
    DWORD headerId,
    DWORD dwFlag
    )
{
    PSTR pLabelName = NULL;
    PSTR fqdn = NULL;
    DWORD dwError = 0;
    DWORD labelLength = 0;
    DWORD packetSize = 0;
    DWORD upCount = 2;
    VMDNS_IP4_ADDRESS* pV4Address = NULL;
    VMDNS_IP6_ADDRESS* pV6Address = NULL;
    PVMAFD_MESSAGE_BUFFER pDnsBuffer = NULL;
    PSTR pDnsPacket = NULL;

    if(!pszZone || !pszName || !pszHostname || !ppDnsPacket || !ppacketSize)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = VmAfdAllocateStringPrintf(
                          &fqdn,
                          "%s.%s",
                          pszName,
                          pszZone
                          );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmDdnsConstructName(
                        fqdn,
                        &pLabelName,
                        &labelLength
                        );
    BAIL_ON_VMAFD_ERROR(dwError);

    //Add updated records
    if(dwFlag == VMDDNS_UPDATE_PACKET)
    {
        dwError = VmDdnsGetSourceIp(
                              &pV4Address,
                              &pV6Address
                              );
        BAIL_ON_VMAFD_ERROR(dwError);
        upCount++;
    }

    dwError = VmAfdAllocateBufferStream(
                        0,
                        &pDnsBuffer
                        );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmDdnsMakeUpdateHeader(
                          pDnsBuffer,
                          headerId,
                          upCount
                          );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmDdnsMakeZone(
                    pszZone,
                    pDnsBuffer
                    );
    BAIL_ON_VMAFD_ERROR(dwError);

    //Delete all A records
    dwError = VmDdnsMakeDeleteRR(
                      VMDDNS_TYPE_A,
                      pLabelName,
                      labelLength,
                      pDnsBuffer
                      );
    BAIL_ON_VMAFD_ERROR(dwError);

    //Delete all AAAA records
    dwError = VmDdnsMakeDeleteRR(
                        VMDDNS_TYPE_AAAA,
                        pLabelName,
                        labelLength,
                        pDnsBuffer
                        );
    BAIL_ON_VMAFD_ERROR(dwError);

    if(dwFlag == VMDDNS_UPDATE_PACKET)
    {
        //Add A records
        if(pV4Address)
        {
            dwError = VmDdnsMakeUpdateRR(
                              VMDDNS_TYPE_A,
                              pLabelName,
                              labelLength,
                              pDnsBuffer,
                              pV4Address,
                              NULL
                              );
            BAIL_ON_VMAFD_ERROR(dwError);
        }
        else
        {
            dwError = VmDdnsMakeUpdateRR(
                              VMDDNS_TYPE_AAAA,
                              pLabelName,
                              labelLength,
                              pDnsBuffer,
                              NULL,
                              pV6Address
                              );
            BAIL_ON_VMAFD_ERROR(dwError);
        }
    }

    dwError = VmAfdCopyBufferFromBufferStream(
                    pDnsBuffer,
                    NULL,
                    &packetSize
                    );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateMemory(
                    packetSize,
                    (PVOID)&pDnsPacket
                    );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdCopyBufferFromBufferStream(
                    pDnsBuffer,
                    pDnsPacket,
                    &packetSize
                    );
    BAIL_ON_VMAFD_ERROR(dwError);

    *ppDnsPacket = pDnsPacket;
    *ppacketSize = packetSize;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pV4Address);
    VMAFD_SAFE_FREE_MEMORY(pV6Address);
    VmAfdFreeBufferStream(pDnsBuffer);
    VMAFD_SAFE_FREE_STRINGA(pLabelName);
    VMAFD_SAFE_FREE_STRINGA(fqdn);
    return dwError;

error:
    if(pDnsPacket)
    {
        VMAFD_SAFE_FREE_STRINGA(pDnsPacket);
    }
    if(ppDnsPacket)
    {
        *ppDnsPacket = NULL;
    }
    goto cleanup;
}
Esempio n. 13
0
DWORD
VmAfdQueryCACerts(
    LDAP* pLotus,
    PCSTR pszCACN,
    BOOL  bDetail,
    PVMAFD_CA_CERT_ARRAY* ppCACertificates
    )
{
    DWORD dwError = 0;
    PSTR pszClassFilter = "(objectClass=vmwCertificationAuthority)";
    PSTR pszAttrEntryDN = "entryDN";
    PSTR pszAttrCADN    = "cACertificateDN";
    PSTR pszAttrCert    = "cACertificate";
    PSTR pszAttrCrl     = "certificateRevocationList";
    PSTR pszFilter      = NULL;
    PSTR pszComboFilter = NULL;
    PSTR pszSearchBaseDN= NULL;
    PSTR pszDomainName  = NULL;
    LDAPMessage* pSearchResult = NULL;
    LDAPMessage* pCAResult = NULL;
    PVMAFD_CA_CERT_ARRAY pCertArray = NULL;

    PCHAR attrs[] = { pszAttrEntryDN, pszAttrCADN,
                      pszAttrCert, pszAttrCrl, NULL};
    struct berval** ppValues = NULL;
    int nCertCount = 0;
    int certIndex = 0;

    dwError = VmAfdAllocateMemory(
                    sizeof(VMAFD_CA_CERT_ARRAY),
                    (PVOID*)&pCertArray);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdGetDefaultDomainName(
                 pLotus,
                 &pszDomainName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                 &pszSearchBaseDN,
                 "cn=Configuration,%s",
                 pszDomainName);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (pszCACN)
    {
        dwError = VmAfdAllocateStringPrintf(
                &pszComboFilter, "(&(CN=%s)%s)",
                pszCACN, pszClassFilter);
        BAIL_ON_VMAFD_ERROR(dwError);
        pszFilter = pszComboFilter;
    }
    else
    {
        pszFilter = pszClassFilter;
    }

    dwError = ldap_search_ext_s(
                 pLotus,
                 pszSearchBaseDN,
                 LDAP_SCOPE_SUBTREE,
                 pszFilter,
                 attrs,
                 0, /* get values and attrs */
                 NULL,
                 NULL,
                 NULL,
                 0,
                 &pSearchResult);
    BAIL_ON_VMAFD_ERROR(dwError);

    nCertCount = ldap_count_entries(pLotus, pSearchResult);
    if (nCertCount > 0)
    {
        pCertArray->dwCount = nCertCount;

        dwError = VmAfdAllocateMemory(
                        sizeof(VMAFD_CA_CERT) * nCertCount,
                        (PVOID*)&pCertArray->pCACerts);
        BAIL_ON_VMAFD_ERROR(dwError);

        for ( pCAResult = ldap_first_entry(pLotus, pSearchResult);
              pCAResult != NULL;
              pCAResult = ldap_next_entry(pLotus, pCAResult), ++certIndex)
        {
            // The following assumes there's only one certificate for each CA
            // object. In the future if the whole chain is store, we will
            // update accordingly.

            // Copy CN
            dwError = VmAfdCopyQueryResultAttributeString(
                    pLotus, pCAResult, pszAttrEntryDN, FALSE,
                    (PSTR*)&pCertArray->pCACerts[certIndex].pCN);
            BAIL_ON_VMAFD_ERROR(dwError);

            // Copy subject DN
            dwError = VmAfdCopyQueryResultAttributeString(
                    pLotus, pCAResult, pszAttrCADN, FALSE,
                    (PSTR*)&pCertArray->pCACerts[certIndex].pSubjectDN);
            BAIL_ON_VMAFD_ERROR(dwError);

            if (bDetail)
            {
                // Copy certificate
                dwError = VmAfdCopyQueryResultAttributeString(
                        pLotus, pCAResult, pszAttrCert, FALSE,
                        (PSTR*)&pCertArray->pCACerts[certIndex].pCert);
                BAIL_ON_VMAFD_ERROR(dwError);

                dwError = VmAfdCopyQueryResultAttributeString(
                        pLotus, pCAResult, pszAttrCrl, TRUE,
                        (PSTR*)&pCertArray->pCACerts[certIndex].pCrl);
                BAIL_ON_VMAFD_ERROR(dwError);
            }
        }
    }

    *ppCACertificates = pCertArray;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pszSearchBaseDN);
    VMAFD_SAFE_FREE_MEMORY(pszDomainName);
    VMAFD_SAFE_FREE_MEMORY(pszComboFilter);

    if (ppValues != NULL)
    {
        ldap_value_free_len(ppValues);
        ppValues = NULL;
    }

    if(pSearchResult != NULL)
    {
        ldap_msgfree(pSearchResult);
    }

    return dwError;

error:

    if (pCertArray )
    {
        VecsFreeCACertArray(pCertArray);
    }
    if (ppCACertificates)
    {
        *ppCACertificates = NULL;
    }

    goto cleanup;
}
Esempio n. 14
0
/*
 * If pszServerName is in IP format, use it as Lotus Server Name.
 * If pszServerName is NOT "localhost" which means caller specify a name they prefer, use it as the Lotus Server Name.
 *
 * Otherwise, derive FQDN based on existing network naming configuration.
 *   i.e. Call gethostname then perform forward+reverse lookup to derive the FQDN as Lotus Server Name.
 *        The forward+reverse look up is for kerberos naming consistency between server (Lotus) and clients, which
 *        could be Lotus or open sources, e.g. openldap.
 *        However, this auto name resolution is error-prone as system could have multiple IF(s) defined and
 *        we have no idea which IF we should pick to perform reverse lookup.
 *        Thus, the best chance to get Kerberos working is - customer provides proper FQDN as Lotus Server Name.
 */
static
DWORD
VmAfSrvGetLotusServerName(
    PCSTR   pszServerName,
    PSTR*   ppOutServerName
)
{
    DWORD dwError = 0;
    PSTR  pszHostnameCanon = NULL;
    PSTR  pszLocalHostName = NULL;
    PSTR  pszFQDN = NULL;

    if ( !pszServerName || !ppOutServerName )
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    if ( VmAfdStringCompareA( pszServerName, "localhost", FALSE ) != 0 )
    {   // caller provides preferred Lotus Server Name or IP
        dwError = VmAfdAllocateStringA( pszServerName, &pszHostnameCanon );
        BAIL_ON_VMAFD_ERROR(dwError);
    }
    else
    {   // caller does NOT specify preferred Lotus Server Name, derives it ourselves.
        dwError = VmAfdGetHostName(&pszLocalHostName);
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VmAfdGetCanonicalHostName(pszLocalHostName, &pszHostnameCanon);
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    BAIL_ON_VMAFD_EMPTY_STRING(pszHostnameCanon, dwError);

    if (!VmAfdCheckIfIPV4AddressA(pszHostnameCanon) &&
            !VmAfdCheckIfIPV6AddressA(pszHostnameCanon) &&
            pszHostnameCanon[VmAfdStringLenA(pszHostnameCanon) - 1] != '.')
    {
        dwError = VmAfdAllocateStringPrintf(
                      &pszFQDN,
                      "%s.",
                      pszHostnameCanon);
        BAIL_ON_VMAFD_ERROR(dwError);
    }
    else
    {
        pszFQDN = pszHostnameCanon;
        pszHostnameCanon = NULL;
    }

    *ppOutServerName = pszFQDN;

    VmAfdLog(VMAFD_DEBUG_ANY, "Lotus server name: (%s)", *ppOutServerName);

cleanup:
    VMAFD_SAFE_FREE_MEMORY(pszHostnameCanon);
    return dwError;

error:
    VMAFD_SAFE_FREE_MEMORY(pszFQDN);
    VmAfdLog(VMAFD_DEBUG_ANY, "%s failed (%s). Error(%u)",
             __FUNCTION__, pszServerName, dwError);
    goto cleanup;
}
Esempio n. 15
0
DWORD
VmAfdQueryCACertAndCrlAttributes(
    LDAP* pLotus,
    PVMAFD_CERT_ARRAY*          ppCertificates,
    PVMAFD_CRL_FILE_CONTAINER*  ppCrls
    )
{
    DWORD dwError = 0;
    PSTR pszFilter = "(objectClass=vmwCertificationAuthority)";
    PSTR pszAttrCert  = "cACertificate";
    PSTR pszAttrCrl  = "certificateRevocationList";
    PSTR pszSearchBaseDN = NULL;
    PSTR pszDomainName = NULL;
    LDAPMessage* pSearchResult = NULL;
    LDAPMessage* pCAResult = NULL;

    PCHAR attrs[] = { pszAttrCert, pszAttrCrl, NULL};
    int nCertCount = 0;
    int nCrlCount = 0;
    PVMAFD_CERT_ARRAY pCertArray = NULL;
    PVMAFD_CRL_FILE_CONTAINER pCrlContainer = NULL;
    struct berval** ppValues = NULL;

    if (!ppCertificates || !ppCrls)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = VmAfdGetDefaultDomainName(
                 pLotus,
                 &pszDomainName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                 &pszSearchBaseDN,
                 "cn=Configuration,%s",
                 pszDomainName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = ldap_search_ext_s(
                 pLotus,
                 pszSearchBaseDN,
                 LDAP_SCOPE_SUBTREE,
                 pszFilter,
                 attrs,
                 0, /* get values and attrs */
                 NULL,
                 NULL,
                 NULL,
                 0,
                 &pSearchResult);
    BAIL_ON_VMAFD_ERROR(dwError);

    for ( pCAResult = ldap_first_entry(pLotus, pSearchResult);
          pCAResult != NULL;
          pCAResult = ldap_next_entry(pLotus, pCAResult))
    {
       nCertCount += VmAfdCountResultAttribute(
           pLotus, pCAResult, pszAttrCert);

       nCrlCount += VmAfdCountResultAttribute(
           pLotus, pCAResult, pszAttrCrl);
    }

    dwError = VmAfdAllocateMemory(
                    sizeof(VMAFD_CERT_ARRAY),
                    (PVOID*)&pCertArray);
    BAIL_ON_VMAFD_ERROR(dwError);

    pCertArray->dwCount = nCertCount;

    dwError = VmAfdAllocateMemory(
                    sizeof(VMAFD_CRL_FILE_CONTAINER),
                    (PVOID*)&pCrlContainer);
    BAIL_ON_VMAFD_ERROR(dwError);

    pCrlContainer->dwCount = nCrlCount;

    if (nCertCount || nCrlCount)
    {
        int certIndex = 0;
        int crlIndex = 0;
        if (nCertCount)
        {
            dwError = VmAfdAllocateMemory(
                        sizeof(VMAFD_CERT_CONTAINER) * nCertCount,
                        (PVOID*)&pCertArray->certificates);
            BAIL_ON_VMAFD_ERROR(dwError);
        }

        if (nCrlCount)
        {
            dwError = VmAfdAllocateMemory(
                        sizeof(VMAFD_CRL_DATA) * nCrlCount,
                        (PVOID*)&pCrlContainer->crls);
            BAIL_ON_VMAFD_ERROR(dwError);
        }

        for ( pCAResult = ldap_first_entry(pLotus, pSearchResult);
              pCAResult != NULL;
              pCAResult = ldap_next_entry(pLotus, pCAResult))
        {
            // Copy certs
            ppValues = ldap_get_values_len(
                                        pLotus,
                                        pCAResult,
                                        pszAttrCert);
            if (ppValues)
            {
                int i = 0;
                while(ppValues[i])
                {
                    dwError = VmAfdAllocateMemory(
                                    sizeof(CHAR) * ppValues[i]->bv_len + 1,
                                    (PVOID)&pCertArray->certificates[certIndex].pCert);
                    BAIL_ON_VMAFD_ERROR(dwError);
                    memcpy(
                      (PVOID) pCertArray->certificates[certIndex].pCert,
                      (PVOID) ppValues[i]->bv_val,
                      (size_t) ppValues[i]->bv_len);
                    i++;
                    certIndex++;
                }
                ldap_value_free_len(ppValues);
                ppValues = NULL;
            }

            // Copy CRLs
            ppValues = ldap_get_values_len(
                                        pLotus,
                                        pCAResult,
                                        pszAttrCrl);
            if (ppValues)
            {
                int i = 0;
                while(ppValues[i])
                {
                    dwError = VmAfdAllocateMemory(
                                    sizeof(CHAR) * ppValues[i]->bv_len + 1,
                                    (PVOID)&pCrlContainer->crls[crlIndex].buffer);
                    BAIL_ON_VMAFD_ERROR(dwError);
                    memcpy(
                      (PVOID) pCrlContainer->crls[crlIndex].buffer,
                      (PVOID) ppValues[i]->bv_val,
                      (size_t) ppValues[i]->bv_len);
                    i++;
                    crlIndex++;
                }
                ldap_value_free_len(ppValues);
                ppValues = NULL;
            }
        }
    }

    *ppCertificates = pCertArray;
    *ppCrls = pCrlContainer;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pszSearchBaseDN);
    VMAFD_SAFE_FREE_MEMORY(pszDomainName);

    if (ppValues != NULL)
    {
        ldap_value_free_len(ppValues);
        ppValues = NULL;
    }

    if(pSearchResult != NULL)
    {
        ldap_msgfree(pSearchResult);
    }

    return dwError;

error:

    *ppCertificates = NULL;

    VMAFD_SAFE_FREE_MEMORY(pCrlContainer);
    if (ppCertificates)
    {
        *ppCertificates = NULL;
    }
    if(ppCrls)
    {
        *ppCrls = NULL;
    }
    if (pCertArray )
    {
        VecsFreeCertArray(pCertArray);
    }

    goto cleanup;
}
Esempio n. 16
0
static
DWORD
CdcVmafdHeartbeatPing(
    PWSTR pwszDCName,
    PWSTR pwszAccount,
    PWSTR pwszPassword,
    PWSTR pwszDomainName,
    PBOOL pbIsAlive
    )
{
    DWORD dwError = 0;
    PSTR pszUPN = NULL;
    PSTR pszAccount = NULL;
    PSTR pszDomainName = NULL;
    PWSTR pwszUPN = NULL;
    BOOL bIsAlive = FALSE;

    PVMAFD_SERVER pServer = NULL;
    PVMAFD_HB_STATUS_W pHeartbeatStatus = NULL;

    if (IsNullOrEmptyString(pwszDCName) ||
        IsNullOrEmptyString(pwszAccount) ||
        IsNullOrEmptyString(pwszPassword) ||
        IsNullOrEmptyString(pwszDomainName) ||
        !pbIsAlive
       )
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = VmAfdAllocateStringAFromW(
                                  pwszAccount,
                                  &pszAccount
                                  );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(
                                  pwszDomainName,
                                  &pszDomainName
                                  );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                                  &pszUPN,
                                  "%s@%s",
                                  pszAccount,
                                  pszDomainName
                                  );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringWFromA(
                                 pszUPN,
                                 &pwszUPN
                                 );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdOpenServerW(
                         pwszDCName,
                         pwszUPN,
                         pwszPassword,
                         &pServer
                         );
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdGetHeartbeatStatusW(
                                  pServer,
                                  &pHeartbeatStatus
                                  );
    BAIL_ON_VMAFD_ERROR(dwError);

    bIsAlive = pHeartbeatStatus->bIsAlive? TRUE: FALSE;

    *pbIsAlive = bIsAlive;

cleanup:

    if (pServer)
    {
        VmAfdCloseServer(pServer);
    }
    if (pHeartbeatStatus)
    {
        VmAfdFreeHeartbeatStatusW(pHeartbeatStatus);
    }
    VMAFD_SAFE_FREE_MEMORY(pszUPN);
    VMAFD_SAFE_FREE_MEMORY(pwszUPN);
    VMAFD_SAFE_FREE_MEMORY(pszAccount);
    VMAFD_SAFE_FREE_MEMORY(pszDomainName);

    return dwError;
error:

    if (pbIsAlive)
    {
        *pbIsAlive = FALSE;
    }
    VmAfdLog(VMAFD_DEBUG_ANY,
             "Failed to get heartbeat Status due to Error: %d",
             dwError
            );
    goto cleanup;
}
Esempio n. 17
0
static
DWORD
VmAfSrvDirOpenConnection(
    PCWSTR pwszDCName,
    PCWSTR pwszDomain,
    PCWSTR pwszAccount,
    PCWSTR pwszPassword,
    PVMDIR_CONNECTION*ppConnection
    )
{
    DWORD dwError = 0;
    PSTR  pszDCName = NULL;
    PSTR  pszDomain = NULL;
    PSTR  pszAccount = NULL;
    PSTR  pszPassword = NULL;
    PSTR  pszURI = NULL;
    PVMDIR_CONNECTION pConnection = NULL;

    dwError = VmAfdAllocateStringAFromW(pwszDCName, &pszDCName);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(pwszDomain, &pszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(pwszAccount, &pszAccount);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(pwszPassword, &pszPassword);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf(
                &pszURI,
                "ldap://%s:%d",
                pszDCName,
                LDAP_PORT);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmDirConnectionOpen(
                pszURI,
                pszDomain,
                pszAccount,
                pszPassword,
                &pConnection);
    BAIL_ON_VMAFD_ERROR(dwError);

    *ppConnection = pConnection;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pszURI);
    VMAFD_SAFE_FREE_MEMORY(pszDCName);
    VMAFD_SAFE_FREE_MEMORY(pszDomain);
    VMAFD_SAFE_FREE_MEMORY(pszAccount);
    VMAFD_SAFE_FREE_MEMORY(pszPassword);

    return dwError;

error:

    if (ppConnection)
    {
        *ppConnection = NULL;
    }

    if (pConnection)
    {
        VmDirConnectionClose(pConnection);
    }

    goto cleanup;
}
Esempio n. 18
0
DWORD
VmAfdGetDomainController(
    PCSTR pszDomain,
    PCSTR pszUserName,
    PCSTR pszPassword,
    PCSTR pszSiteName,          /* OPTIONAL */
    PSTR* ppszHostname,
    PSTR* ppszNetworkAddress
    )
{
    DWORD dwError = 0;
    PDNS_SERVER_INFO pServerArray = NULL;
    DWORD dwServerCount = 0;
    PSTR  pszQuestion = NULL;
    DWORD dwDsFlags = 0;
    PSTR  pszNetworkAddress = NULL;
    PSTR  pszHostname = NULL;
    PSTR  pszUPN = NULL;
    PSTR  pszDomainDN = NULL;

    if (IsNullOrEmptyString(pszDomain) || !ppszHostname || !ppszNetworkAddress)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    if (IsNullOrEmptyString(pszSiteName))
    {
        dwError = VmAfdAllocateStringPrintf(
                            &pszQuestion,
                            "_ldap._tcp.%s",
                            pszDomain);
        BAIL_ON_VMAFD_ERROR(dwError);
    }
    else
    {
        dwError = VmAfdAllocateStringPrintf(
                            &pszQuestion,
                            "_ldap._tcp.%s._sites.%s",
                            pszSiteName,
                            pszDomain);
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = LWNetDnsSrvQueryByQuestion(
                    pszQuestion,
                    NULL,
                    dwDsFlags,
                    &pServerArray,
                    &dwServerCount);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (dwServerCount > 0)
    {
        DWORD iServer = 0;

        dwError = VmAfdAllocateStringPrintf(
                      &pszUPN,
                      "%s@%s",
                      pszUserName,
                      pszDomain);
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VmAfSrvGetDomainDN(pszDomain, &pszDomainDN);
        BAIL_ON_VMAFD_ERROR(dwError);

        for (; iServer < dwServerCount; iServer++)
        {
            DWORD dwError2 = 0;
            PDNS_SERVER_INFO pServerInfo = &pServerArray[iServer];

            dwError2 = VmAfSrvCheckDC(
                            pServerInfo,
                            pszDomainDN,
                            pszUPN,
                            pszPassword,
                            &pszHostname,
                            &pszNetworkAddress);
            if (dwError2 == ERROR_SUCCESS)
            {
                break;
            }
        }
    }

    if (!pszNetworkAddress || !pszHostname)
    {
        dwError = ERROR_NO_SUCH_DOMAIN;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    *ppszHostname = pszHostname;
    *ppszNetworkAddress = pszNetworkAddress;

cleanup:

    if (pServerArray)
    {
        LWNetFreeMemory(pServerArray);
    }
    VMAFD_SAFE_FREE_MEMORY(pszQuestion);
    VMAFD_SAFE_FREE_MEMORY(pszUPN);
    VMAFD_SAFE_FREE_MEMORY(pszDomainDN);

    return dwError;

error:

    if (ppszNetworkAddress)
    {
        *ppszNetworkAddress = NULL;
    }

    VMAFD_SAFE_FREE_MEMORY(pszHostname);
    VMAFD_SAFE_FREE_MEMORY(pszNetworkAddress);

    goto cleanup;
}
Esempio n. 19
0
DWORD
VmAfdGetDomainControllerList(
    PCSTR pszDomain,
    PVMAFD_DC_INFO_W *ppVmAfdDCInfoList,
    PDWORD pdCount
    )
{
    DWORD dwError = 0;
    DWORD dwIndex = 0;
    PDNS_SERVER_INFO pServerArray = NULL;
    DWORD dwServerCount = 0;
    PSTR  pszQuestion = NULL;
    DWORD dwDsFlags = 0;
    PSTR  pszUPN = NULL;
    PSTR  pszDomainDN = NULL;
    PVMAFD_DC_INFO_W pVmAfdDCEntries = NULL;

    if (IsNullOrEmptyString(pszDomain) || !ppVmAfdDCInfoList)
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    dwError = VmAfdAllocateStringPrintf(
                    &pszQuestion,
                    "_ldap._tcp.%s",
                    pszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = LWNetDnsSrvQueryByQuestion(
                    pszQuestion,
                    NULL,
                    dwDsFlags,
                    &pServerArray,
                    &dwServerCount);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (dwServerCount > 0 )
    {
        dwError = VmAfdAllocateMemory(
                            sizeof(VMAFD_DC_INFO_W)*dwServerCount,
                            (PVOID *)&pVmAfdDCEntries
                            );
        BAIL_ON_VMAFD_ERROR(dwError);

       for (; dwIndex < dwServerCount; dwIndex++)
       {
           PDNS_SERVER_INFO pServerInfo = &pServerArray[dwIndex];
           PVMAFD_DC_INFO_W pDcInfo = &pVmAfdDCEntries[dwIndex];

           dwError = VmAfdAllocateStringWFromA(
                                       pServerInfo->pszName,
                                       &pDcInfo->pwszHostName
                                       );
           BAIL_ON_VMAFD_ERROR(dwError);

           dwError = VmAfdAllocateStringWFromA(
                                        pServerInfo->pszAddress,
                                        &pDcInfo->pwszAddress
                                        );
           BAIL_ON_VMAFD_ERROR(dwError);
       }
    }
    *pdCount = dwServerCount;
    *ppVmAfdDCInfoList = pVmAfdDCEntries;
cleanup:

    if (pServerArray)
    {
        LWNetFreeMemory(pServerArray);
    }
    VMAFD_SAFE_FREE_MEMORY(pszQuestion);
    VMAFD_SAFE_FREE_MEMORY(pszUPN);
    VMAFD_SAFE_FREE_MEMORY(pszDomainDN);

    return dwError;

error:
   if (dwServerCount > 0 && pVmAfdDCEntries )
   {
      for (dwIndex = 0; dwIndex < dwServerCount ; dwIndex++)
      {
          PVMAFD_DC_INFO_W pDcInfo = &pVmAfdDCEntries[dwIndex];
          if (pDcInfo)
          {
              VMAFD_SAFE_FREE_MEMORY(pDcInfo->pwszHostName);
              VMAFD_SAFE_FREE_MEMORY(pDcInfo->pwszAddress);
          }
      }
   }
   VMAFD_SAFE_FREE_MEMORY(pVmAfdDCEntries);
   goto cleanup;

}
Esempio n. 20
0
DWORD
VmAfdGetMachineInfo(
    PVMAFD_REG_ARG *ppArgs
    )
{
    DWORD dwError = 0;
    PWSTR pwszAccountName = NULL;
    PWSTR pwszPassword = NULL;
    PWSTR pwszAccountDN = NULL;
    PWSTR pwszDomain = NULL;
    PWSTR pwszAccount = NULL;
    PVMAFD_REG_ARG pArgs = NULL;
    VMAFD_DOMAIN_STATE domainState = VMAFD_DOMAIN_STATE_NONE ;

    dwError = VmAfSrvGetDomainState(&domainState);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (domainState == VMAFD_DOMAIN_STATE_NONE)
    {
        dwError = ERROR_NOT_JOINED;
        BAIL_ON_VMAFD_ERROR_NO_LOG(dwError);
    }

    dwError = VmAfSrvGetMachineAccountInfo(
                    &pwszAccount,
                    &pwszPassword,
                    &pwszAccountDN,
                    NULL);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError =  VmAfdAllocateMemory(
                    sizeof(VMAFD_REG_ARG),
                    (PVOID*)&pArgs);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(
                    pwszAccountDN,
                    &pArgs->pszAccountDN);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(
                    pwszPassword,
                    &pArgs->pszPassword);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(
                    pwszAccount,
                    &pArgs->pszAccount);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfSrvGetDomainName(&pwszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringAFromW(
                    pwszDomain,
                    &pArgs->pszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdAllocateStringPrintf( &(pArgs->pszAccountUPN), "%s@%s",
                                         pArgs->pszAccount, pArgs->pszDomain);
    BAIL_ON_VMAFD_ERROR(dwError);

    if (IsNullOrEmptyString(pArgs->pszAccountDN) ||
        IsNullOrEmptyString(pArgs->pszPassword))
    {
        dwError = VECS_MISSING_CREDS;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    *ppArgs = pArgs;

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pwszAccountName);
    VMAFD_SAFE_FREE_MEMORY(pwszPassword);
    VMAFD_SAFE_FREE_MEMORY(pwszAccountDN);
    VMAFD_SAFE_FREE_MEMORY(pwszDomain);
    VMAFD_SAFE_FREE_MEMORY(pwszAccount);

    return dwError;

error :

    *ppArgs = NULL;

    if (pArgs)
    {
        VmAfdFreeRegArgs(pArgs);
    }

    switch (dwError)
    {
        case VECS_MISSING_CREDS:

            VmAfdLog(VMAFD_DEBUG_ANY, "Account DN / Password missing");

            break;

        case VECS_MISSING_DC_NAME:

            VmAfdLog(VMAFD_DEBUG_ANY, "Invalid domain controller name");

            break;

        default:

            VmAfdLog(
                VMAFD_DEBUG_ANY,
                "Error [%d] getting machine Info",
                dwError);

            break;
    }

    goto cleanup;
}