DWORD VmAfdSetSecurityDescriptor ( PVECS_SERV_STORE pStore, PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor ) { DWORD dwError = 0; if (!pSecurityDescriptor || !pStore ) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR (dwError); } dwError = VecsDbSetSecurityDescriptor ( pStore->dwStoreId, pSecurityDescriptor ); BAIL_ON_VMAFD_ERROR (dwError); cleanup: return dwError; error: goto cleanup; }
DWORD VmAfdSetSecurityDescriptorForHandle ( PVECS_SRV_STORE_HANDLE pStore, PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor ) { DWORD dwError = 0; PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptorTmp = NULL; PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptorToClean = NULL; BOOL bIsHoldingLock = FALSE; if (!pStore || !pSecurityDescriptor ) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR (dwError); } dwError = VmAfdCopySecurityDescriptor ( pSecurityDescriptor, &pSecurityDescriptorTmp ); BAIL_ON_VMAFD_ERROR (dwError); VMAFD_LOCK_MUTEX_EXCLUSIVE (&gVmafdGlobals.rwlockStoreMap, bIsHoldingLock); dwError = VecsDbSetSecurityDescriptor ( gVecsGlobalStoreMap[pStore->dwStoreHandle].pStore->dwStoreId, pSecurityDescriptorTmp ); BAIL_ON_VMAFD_ERROR (dwError); pSecurityDescriptorToClean = gVecsGlobalStoreMap[pStore->dwStoreHandle].pSecurityDescriptor; VmAfdCleanSecurityDescriptor (pSecurityDescriptorTmp); gVecsGlobalStoreMap[pStore->dwStoreHandle].pSecurityDescriptor = pSecurityDescriptorTmp; cleanup: if (pSecurityDescriptorToClean) { VmAfdFreeSecurityDescriptor(pSecurityDescriptorToClean); } VMAFD_LOCK_MUTEX_UNLOCK (&gVmafdGlobals.rwlockStoreMap, bIsHoldingLock); return dwError; error: if (pSecurityDescriptorTmp) { VmAfdFreeSecurityDescriptor (pSecurityDescriptorTmp); } goto cleanup; }
DWORD VecsSrvCreateCertStoreWithAuth ( PCWSTR pszStoreName, PCWSTR pszPassword, PVM_AFD_CONNECTION_CONTEXT pConnectionContext, PVECS_SRV_STORE_HANDLE *ppStore ) { DWORD dwError = 0; DWORD dwDeleteError = 0; PVECS_SRV_STORE_HANDLE pStore = NULL; PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor = NULL; PVECS_SERV_STORE pStoreInstance = NULL; BOOL bIsHoldingLock = FALSE; pthread_mutex_lock (&gVmafdGlobals.mutexCreateStore); bIsHoldingLock = TRUE; dwError = VecsSrvCreateCertStore ( pszStoreName, pszPassword, &pStoreInstance ); BAIL_ON_VMAFD_ERROR (dwError); dwError = VmAfdInitializeSecurityDescriptor( pConnectionContext->pSecurityContext, 1, &pSecurityDescriptor ); BAIL_ON_VMAFD_ERROR (dwError); dwError = VecsDbSetSecurityDescriptor ( pStoreInstance->dwStoreId, pSecurityDescriptor ); BAIL_ON_VMAFD_ERROR (dwError); dwError = VmAfdGetStoreHandle ( (PWSTR)pszStoreName, (PWSTR)pszPassword, pConnectionContext->pSecurityContext, &pStore ); BAIL_ON_VMAFD_ERROR (dwError); pthread_mutex_unlock (&gVmafdGlobals.mutexCreateStore); bIsHoldingLock = FALSE; *ppStore = pStore; cleanup: if (pSecurityDescriptor) { VmAfdFreeSecurityDescriptor (pSecurityDescriptor); } if (bIsHoldingLock) { pthread_mutex_unlock(&gVmafdGlobals.mutexCreateStore); } VMAFD_SAFE_FREE_MEMORY (pStoreInstance); return dwError; error: if (dwError != ERROR_ALREADY_EXISTS) { dwDeleteError = VecsSrvDeleteCertStore(pszStoreName); } if (ppStore) { *ppStore = NULL; } if (pStore) { VmAfdReleaseStoreHandle (pStore); } goto cleanup; }