DWORD
VmAfdSetSecurityDescriptor (
PVECS_SERV_STORE pStore,
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor
)
{
DWORD dwError = 0;
if (!pSecurityDescriptor ||
!pStore
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsDbSetSecurityDescriptor (
pStore->dwStoreId,
pSecurityDescriptor
);
BAIL_ON_VMAFD_ERROR (dwError);
cleanup:
return dwError;
error:
goto cleanup;
}
DWORD
VmAfdSetSecurityDescriptorForHandle (
PVECS_SRV_STORE_HANDLE pStore,
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor
)
{
DWORD dwError = 0;
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptorTmp = NULL;
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptorToClean = NULL;
BOOL bIsHoldingLock = FALSE;
if (!pStore ||
!pSecurityDescriptor
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdCopySecurityDescriptor (
pSecurityDescriptor,
&pSecurityDescriptorTmp
);
BAIL_ON_VMAFD_ERROR (dwError);
VMAFD_LOCK_MUTEX_EXCLUSIVE (&gVmafdGlobals.rwlockStoreMap, bIsHoldingLock);
dwError = VecsDbSetSecurityDescriptor (
gVecsGlobalStoreMap[pStore->dwStoreHandle].pStore->dwStoreId,
pSecurityDescriptorTmp
);
BAIL_ON_VMAFD_ERROR (dwError);
pSecurityDescriptorToClean =
gVecsGlobalStoreMap[pStore->dwStoreHandle].pSecurityDescriptor;
VmAfdCleanSecurityDescriptor (pSecurityDescriptorTmp);
gVecsGlobalStoreMap[pStore->dwStoreHandle].pSecurityDescriptor =
pSecurityDescriptorTmp;
cleanup:
if (pSecurityDescriptorToClean)
{
VmAfdFreeSecurityDescriptor(pSecurityDescriptorToClean);
}
VMAFD_LOCK_MUTEX_UNLOCK (&gVmafdGlobals.rwlockStoreMap, bIsHoldingLock);
return dwError;
error:
if (pSecurityDescriptorTmp)
{
VmAfdFreeSecurityDescriptor (pSecurityDescriptorTmp);
}
goto cleanup;
}
DWORD
VecsSrvCreateCertStoreWithAuth (
PCWSTR pszStoreName,
PCWSTR pszPassword,
PVM_AFD_CONNECTION_CONTEXT pConnectionContext,
PVECS_SRV_STORE_HANDLE *ppStore
)
{
DWORD dwError = 0;
DWORD dwDeleteError = 0;
PVECS_SRV_STORE_HANDLE pStore = NULL;
PVMAFD_SECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
PVECS_SERV_STORE pStoreInstance = NULL;
BOOL bIsHoldingLock = FALSE;
pthread_mutex_lock (&gVmafdGlobals.mutexCreateStore);
bIsHoldingLock = TRUE;
dwError = VecsSrvCreateCertStore (
pszStoreName,
pszPassword,
&pStoreInstance
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdInitializeSecurityDescriptor(
pConnectionContext->pSecurityContext,
1,
&pSecurityDescriptor
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VecsDbSetSecurityDescriptor (
pStoreInstance->dwStoreId,
pSecurityDescriptor
);
BAIL_ON_VMAFD_ERROR (dwError);
dwError = VmAfdGetStoreHandle (
(PWSTR)pszStoreName,
(PWSTR)pszPassword,
pConnectionContext->pSecurityContext,
&pStore
);
BAIL_ON_VMAFD_ERROR (dwError);
pthread_mutex_unlock (&gVmafdGlobals.mutexCreateStore);
bIsHoldingLock = FALSE;
*ppStore = pStore;
cleanup:
if (pSecurityDescriptor)
{
VmAfdFreeSecurityDescriptor (pSecurityDescriptor);
}
if (bIsHoldingLock)
{
pthread_mutex_unlock(&gVmafdGlobals.mutexCreateStore);
}
VMAFD_SAFE_FREE_MEMORY (pStoreInstance);
return dwError;
error:
if (dwError != ERROR_ALREADY_EXISTS)
{
dwDeleteError = VecsSrvDeleteCertStore(pszStoreName);
}
if (ppStore)
{
*ppStore = NULL;
}
if (pStore)
{
VmAfdReleaseStoreHandle (pStore);
}
goto cleanup;
}
