DWORD
VmAfdCheckAclContext(
PVM_AFD_CONNECTION_CONTEXT pConnectionContext,
PSTR pszSddlAcl,
BOOL *pbIsAllowed
)
{
DWORD dwError = 0;
BOOL bIsAllowed = FALSE;
BAIL_ON_VMAFD_INVALID_POINTER(pConnectionContext, dwError);
dwError = gIPCVtable.pfnCheckAclContext(
pConnectionContext,
pszSddlAcl,
&bIsAllowed
);
BAIL_ON_VMAFD_ERROR(dwError);
*pbIsAllowed = bIsAllowed;
cleanup:
return dwError;
error:
goto cleanup;
}
static
DWORD
VmAfdBuildTokenGroups(
gid_t *pGidList,
DWORD dwGidListLen,
PTOKEN_GROUPS *ppTokenGroups)
{
DWORD dwError = 0;
PTOKEN_GROUPS pTokenGroups = NULL;
unsigned int i = 0;
BAIL_ON_VMAFD_INVALID_POINTER(pGidList, dwError);
BAIL_ON_VMAFD_INVALID_POINTER(ppTokenGroups, dwError);
dwError = VmAfdAllocateMemory(
sizeof(TOKEN_GROUPS) + (sizeof(SID_AND_ATTRIBUTES) * dwGidListLen),
(PVOID*)&pTokenGroups);
BAIL_ON_VMAFD_ERROR(dwError);
for (i = 0; i < dwGidListLen; i++)
{
dwError = VmAfdAllocateSidFromGid(
pGidList[i],
&pTokenGroups->Groups[i].Sid);
BAIL_ON_VMAFD_ERROR(dwError);
pTokenGroups->Groups[i].Attributes = SE_GROUP_ENABLED;
}
pTokenGroups->GroupCount = dwGidListLen;
*ppTokenGroups = pTokenGroups;
cleanup:
return dwError;
error:
VmAfdFreeTokenGroups(pTokenGroups);
goto cleanup;
}
DWORD
VmAfdGeneratePtrNameFromIp(
PCSTR pszIPAddress,
PSTR* ppszPtrName
)
{
DWORD dwError = 0;
DWORD dwAddr = 0;
PSTR pszPtrName = NULL;
BYTE* pByte = NULL;
DWORD ret = 0;
int af = AF_INET;
unsigned char buf[sizeof(struct in6_addr)];
BAIL_ON_VMAFD_EMPTY_STRING(pszIPAddress, dwError);
BAIL_ON_VMAFD_INVALID_POINTER(ppszPtrName, dwError);
if (VmAfdStringChrA(pszIPAddress, ':'))
{
af = AF_INET6;
}
ret = inet_pton(af, pszIPAddress, buf);
if (ret <= 0)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
if (af == AF_INET)
{
dwAddr = ((struct in_addr*)buf)->s_addr;
// See RFC 1035 for name format
// In short, record name is octets in reverse order appened with "in-addr.arpa".
// Example: 11.1.193.128.in-addr.arpa
dwError = VmAfdAllocateStringPrintf(
&pszPtrName,
"%d.%d.%d.%d%s.",
(dwAddr & 0xFF000000) >> 24,
(dwAddr & 0xFF0000) >> 16,
(dwAddr & 0xFF00) >> 8,
(dwAddr & 0xFF),
PTR_NAME_SUFFIX_IP4
);
BAIL_ON_VMAFD_ERROR(dwError);
}
static
DWORD
VmAfdConfigGetString(
PCSTR pszSubKey, /* IN */
PCSTR pszValueName, /* IN */
PSTR* ppszValue /* OUT */
)
{
DWORD dwError = 0;
PVMAF_CFG_CONNECTION pConnection = NULL;
PVMAF_CFG_KEY pRootKey = NULL;
PVMAF_CFG_KEY pParamsKey = NULL;
PSTR pszValue = NULL;
BAIL_ON_VMAFD_INVALID_POINTER(ppszValue, dwError);
dwError = VmAfConfigOpenConnection(&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenRootKey(
pConnection,
"HKEY_LOCAL_MACHINE",
0,
KEY_READ,
&pRootKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenKey(
pConnection,
pRootKey,
pszSubKey,
0,
KEY_READ,
&pParamsKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigReadStringValue(
pParamsKey,
NULL,
pszValueName,
&pszValue);
BAIL_ON_VMAFD_ERROR(dwError);
*ppszValue = pszValue;
cleanup:
if (pParamsKey)
{
VmAfConfigCloseKey(pParamsKey);
}
if (pRootKey)
{
VmAfConfigCloseKey(pRootKey);
}
if (pConnection)
{
VmAfConfigCloseConnection(pConnection);
}
return dwError;
error:
if (ppszValue)
{
*ppszValue = NULL;
}
goto cleanup;
}
static
DWORD
VmAfdGetGroupList(
uid_t userId,
gid_t *pPrimaryGid,
gid_t **ppGidList,
DWORD *pdwGidListLen)
{
DWORD dwError = 0;
int iStatus = 0;
gid_t *pGidList = NULL;
int iGidListLen = 0;
struct passwd pwd = { 0 };
struct passwd *pResult = NULL;
size_t bufsize = 0;
char* pBuffer = NULL;
BAIL_ON_VMAFD_INVALID_POINTER(ppGidList, dwError);
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
if (bufsize == -1)
{
bufsize = MAX_GWTPWR_BUF_LENGTH;
}
dwError = VmAfdAllocateMemory(
bufsize,
(PVOID*)&pBuffer);
BAIL_ON_VMAFD_ERROR(dwError);
iStatus = getpwuid_r(userId, &pwd, pBuffer, bufsize, &pResult);
if (!pResult)
{
dwError = LwErrnoToWin32Error(iStatus);
BAIL_ON_VMAFD_ERROR(dwError);
}
iGidListLen = 0;
iStatus = getgrouplist(
pwd.pw_name,
pwd.pw_gid,
NULL,
&iGidListLen);
if (iStatus == -1 && iGidListLen > 0)
{
dwError = VmAfdAllocateMemory(
iGidListLen * sizeof(gid_t),
(PVOID *)&pGidList);
BAIL_ON_VMAFD_ERROR(dwError);
iStatus = getgrouplist(
pwd.pw_name,
pwd.pw_gid,
pGidList,
&iGidListLen);
if (iStatus == -1)
{
dwError = LwErrnoToWin32Error(iStatus);
BAIL_ON_VMAFD_ERROR(dwError);
}
}
*pPrimaryGid = pwd.pw_gid;
*ppGidList = pGidList;
*pdwGidListLen = iGidListLen;
cleanup:
VMAFD_SAFE_FREE_MEMORY(pBuffer);
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pGidList);
goto cleanup;
}
DWORD
VmAfdRegGetInteger(
PCSTR pszValueName, /* IN */
PDWORD pdwValue /* OUT */
)
{
DWORD dwError = 0;
PVMAF_CFG_CONNECTION pConnection = NULL;
PVMAF_CFG_KEY pRootKey = NULL;
PVMAF_CFG_KEY pParamsKey = NULL;
PCSTR pszSubKey = VMAFD_CONFIG_PARAMETER_KEY_PATH;
DWORD dwValue = 0;
BAIL_ON_VMAFD_INVALID_POINTER(pdwValue, dwError);
dwError = VmAfConfigOpenConnection(&pConnection);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenRootKey(
pConnection,
"HKEY_LOCAL_MACHINE",
0,
KEY_READ,
&pRootKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigOpenKey(
pConnection,
pRootKey,
pszSubKey,
0,
KEY_READ,
&pParamsKey);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfConfigReadDWORDValue(
pParamsKey,
NULL,
pszValueName,
&dwValue);
BAIL_ON_VMAFD_ERROR(dwError);
*pdwValue = dwValue;
cleanup:
if (pParamsKey)
{
VmAfConfigCloseKey(pParamsKey);
}
if (pRootKey)
{
VmAfConfigCloseKey(pRootKey);
}
if (pConnection)
{
VmAfConfigCloseConnection(pConnection);
}
return dwError;
error:
goto cleanup;
}
