DWORD
ReadFileContentsToString(std::string FileName, PSTR *ppszData)
{
DWORD dwError = 0;
FILE * fp = NULL;
size_t stDataSize = 0;
PSTR pszFileData = NULL;
DWORD dwReadSize =0;
fflush(NULL); // This prevents writes in Python code which lingers in Memory
#ifdef _WIN32
#define stat _stat
#endif
struct stat filedata = { 0 };
dwError = stat(FileName.c_str(), &filedata);
BAIL_ON_ERROR(dwError);
stDataSize = filedata.st_size;
dwError = VmAfdAllocateMemory(stDataSize + 1,(PVOID*) &pszFileData);
BAIL_ON_ERROR(dwError);
dwError = VmAfdOpenFilePath(FileName.c_str(), "r", &fp, 0);
BAIL_ON_ERROR(dwError);
dwReadSize = fread(pszFileData, 1, stDataSize, fp);
if (dwReadSize != stDataSize)
{
dwError = VECS_GENERIC_FILE_IO;
BAIL_ON_ERROR(dwError);
}
*ppszData = pszFileData;
cleanup:
if (fp != NULL)
{
fclose(fp);
}
return dwError;
error:
VMAFD_SAFE_FREE_MEMORY(pszFileData);
goto cleanup;
}
static
DWORD
VmAfdSrvWriteRootToDisk(
PCSTR pszCertificate,
PCSTR pszCAPath,
PCSTR pszFilename
)
{
DWORD dwError = 0;
LONG maxIndex = -1;
PSTR pszPath = NULL;
PSTR pszAlias = NULL;
FILE* pFile = NULL;
size_t len = 0;
size_t bytesToWrite = 0;
BOOLEAN bCertOnDisk = FALSE;
PCSTR pszCursor = NULL;
dwError = VmAfdFindFileIndex(pszCAPath, pszFilename, &maxIndex);
if (dwError != ERROR_FILE_NOT_FOUND)
{
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VecsComputeCertAliasA((PSTR)pszCertificate, &pszAlias);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdCheckCertOnDisk(
pszAlias,
pszCAPath,
pszFilename,
maxIndex,
&bCertOnDisk);
BAIL_ON_VMAFD_ERROR(dwError);
if (bCertOnDisk)
{
goto cleanup;
}
}
dwError = VmAfdAllocateStringPrintf(
&pszPath,
"%s%s%s.%ld",
pszCAPath,
VMAFD_PATH_SEPARATOR_STR,
pszFilename,
maxIndex+1);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdOpenFilePath(pszPath, "w", &pFile);
BAIL_ON_VMAFD_ERROR(dwError);
len = strlen(pszCertificate);
bytesToWrite = len;
pszCursor = pszCertificate;
while (bytesToWrite > 0)
{
size_t bytesWritten = 0;
if ((bytesWritten = fwrite(pszCursor, 1, len, pFile)) == 0)
{
#ifndef _WIN32
dwError = LwErrnoToWin32Error(errno);
#else
dwError = GetLastError();
#endif
BAIL_ON_VMAFD_ERROR(dwError);
}
pszCursor += bytesWritten;
bytesToWrite -= bytesWritten;
}
cleanup:
if (pFile)
{
fclose(pFile);
}
VMAFD_SAFE_FREE_MEMORY(pszPath);
VMAFD_SAFE_FREE_MEMORY(pszAlias);
return dwError;
error:
goto cleanup;
}
static
DWORD
DirCliGetCertContent(
PCSTR pszCertPath,
PSTR* ppszContent
)
{
DWORD dwError = 0;
size_t fileSize = 0;
FILE* fp = NULL;
size_t bytesToRead = 0;
PSTR pszContent = NULL;
PSTR pszCursor = NULL;
if (IsNullOrEmptyString(pszCertPath))
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdGetFileSize(pszCertPath, &fileSize);
BAIL_ON_VMAFD_ERROR(dwError);
if (fileSize <= 0)
{
dwError = ERROR_FILE_INVALID;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdAllocateMemory(fileSize + 1, (PVOID*)&pszContent);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdOpenFilePath(pszCertPath, "rb", &fp);
BAIL_ON_VMAFD_ERROR(dwError);
bytesToRead = fileSize;
pszCursor = pszContent;
while (!feof(fp) && bytesToRead > 0)
{
size_t bytesRead = 0;
if ((bytesRead = fread(pszCursor, 1, bytesToRead, fp)) == 0)
{
#ifndef _WIN32
dwError = LwErrnoToWin32Error(errno);
#else
dwError = GetLastError();
#endif
BAIL_ON_VMAFD_ERROR(dwError);
}
pszCursor += bytesRead;
bytesToRead -= bytesRead;
}
*ppszContent = pszContent;
cleanup:
if (fp)
{
fclose(fp);
}
return dwError;
error:
*ppszContent = NULL;
VMAFD_SAFE_FREE_MEMORY(pszContent);
goto cleanup;
}
int main(int argc, char* argv[])
{
DWORD dwError = 0;
int retCode = 0;
PSTR pszDomain = NULL;
PSTR pszDomainName = NULL;
PSTR pszUserName = NULL;
PSTR pszPassword = NULL;
PSTR pszPwdFile = NULL;
PSTR pszSiteName = NULL;
PSTR pszPartnerHostName = NULL;
PSTR pszLotusServerName = NULL;
PSTR pszPasswordBuf = NULL;
FILE * fpPwdFile = NULL;
PSTR pszPath = NULL;
PSTR pszLogPathName = NULL;
size_t dPwdLen = 0;
BOOL bLogInitialized = FALSE;
PCSTR pszErrorMsg = NULL;
PSTR pszErrorDesc = NULL;
PCSTR pszLocalhost = "localhost";
PSTR pszPnid = NULL;
DNS_INIT_FLAG dnsInitFlag = DNS_NONE;
#ifdef _WIN32
WSADATA wsaData = { 0 };
BOOLEAN bWsaStartup = FALSE;
#endif
#ifndef _WIN32
setlocale(LC_ALL, "");
#else
dwError = WSAStartup(MAKEWORD(2, 2), &wsaData);
BAIL_ON_VMAFD_ERROR(dwError);
bWsaStartup = TRUE;
#endif
dwError = VmAfCfgInit();
BAIL_ON_VMAFD_ERROR(dwError);
#ifndef _WIN32
dwError = VmAfdAllocateStringA(VMAFD_LOG_PATH, &pszLogPathName );
BAIL_ON_VMAFD_ERROR(dwError);
#else
dwError = VmAfdConfigGetString(VMAFD_SOFTWARE_KEY_PATH, VMAFD_LOGPATH_KEY_VALUE, &pszLogPathName);
BAIL_ON_VMAFD_ERROR(dwError);
#endif
dwError = VmAfdAllocateStringAVsnprintf( &pszPath, "%s%s", pszLogPathName, "vdcpromo.log" );
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmAfdLogInitialize(pszPath, 0, 0);
BAIL_ON_VMAFD_ERROR(dwError);
bLogInitialized = TRUE;
dwError = VmAfdParseArgs(argc,
argv,
&pszDomain,
&pszUserName,
&pszPassword,
&pszSiteName,
&pszPartnerHostName,
&pszLotusServerName,
&pszPwdFile,
&dnsInitFlag);
if (dwError)
{
ShowUsage();
BAIL_ON_VMAFD_ERROR(dwError);
}
if (IsNullOrEmptyString(pszUserName))
{
VmAfdLog(VMAFD_DEBUG_ANY, "Username parameter is not valid");
}
else
{
VmAfdLog(VMAFD_DEBUG_ANY, "Username: \"%s\"", pszUserName);
}
if (!pszPwdFile && IsNullOrEmptyString(pszPassword))
{
VmAfdLog(VMAFD_DEBUG_ANY, "Password parameter is not valid");
}
if (IsNullOrEmptyString(pszDomain))
{
VmAfdLog(VMAFD_DEBUG_ANY, "Domain parameter is not valid");
}
else
{
VmAfdLog(VMAFD_DEBUG_ANY, "Domain: \"%s\"", pszDomain);
}
dwError = VmAfdAllocateMemory(VMAFD_MAX_PWD_LEN+1, (PVOID *)&pszPasswordBuf);
BAIL_ON_VMAFD_ERROR(dwError);
if (pszPassword == NULL && pszPwdFile != NULL)
{
dwError = VmAfdOpenFilePath(pszPwdFile, "rb", &fpPwdFile);
if (dwError != ERROR_SUCCESS)
{
printf("vdcpromo: cannot open password file %s (%u)\n", pszPwdFile, dwError);
dwError = ERROR_LOCAL_PASSWORDFILE_CANNOT_OPEN;
BAIL_ON_VMAFD_ERROR(dwError);
}
if ( (dPwdLen = fread(pszPasswordBuf, 1, VMAFD_MAX_PWD_LEN, fpPwdFile)) == 0)
{
dwError = ERROR_LOCAL_PASSWORDFILE_CANNOT_READ;
printf("vdcpromo: Could not read password file\n");
BAIL_ON_VMAFD_ERROR(dwError);
}
if (*pszPasswordBuf == '\0')
{
VmAfdLog(VMAFD_DEBUG_ANY, "password is empty");
dwError = ERROR_LOCAL_PASSWORD_EMPTY;
BAIL_ON_VMAFD_ERROR(dwError);
}
}
else if (pszPassword != NULL && pszPwdFile == NULL)
{
dwError = VmAfdStringCpyA(pszPasswordBuf, VMAFD_MAX_PWD_LEN, pszPassword);
BAIL_ON_VMAFD_ERROR(dwError);
} else //no password nor password-file, read password from stdin
{
VmAfdReadString("password: "******"Warning: failed to initialize DNS. Error [%d]\n", dwError);
}
else
{
fprintf(stdout, "Successfully initialized DNS.\n");
}
BAIL_ON_VMAFD_ERROR(dwError);
goto cleanup;
}
printf("Initializing Directory server instance ... \n");
fflush(stdout);
dwError = VmAfdPromoteVmDirA(
pszLotusServerName ? pszLotusServerName : pszLocalhost,
pszDomain,
pszUserName,
pszPasswordBuf,
pszSiteName,
pszPartnerHostName);
BAIL_ON_VMAFD_ERROR(dwError);
printf("Directory host instance created successfully\n");
cleanup:
VmAfCfgShutdown();
if (bLogInitialized)
{
VmAfdLogTerminate();
}
#ifdef _WIN32
if (bWsaStartup != FALSE)
{
WSACleanup();
}
#endif
VMAFD_SAFE_FREE_MEMORY(pszPnid);
VMAFD_SAFE_FREE_MEMORY(pszPasswordBuf);
VMAFD_SAFE_FREE_MEMORY(pszPath);
VMAFD_SAFE_FREE_MEMORY(pszLogPathName);
VMAFD_SAFE_FREE_MEMORY(pszErrorDesc);
VMAFD_SAFE_FREE_MEMORY(pszDomainName);
return retCode;
error:
switch (dwError)
{
case ERROR_LOCAL_OPTION_UNKNOWN:
retCode = 2;
pszErrorMsg = "An unknown option was present on the command line.";
break;
case ERROR_LOCAL_OPTION_INVALID:
retCode = 3;
pszErrorMsg = "The options present on the command line are not valid.";
break;
case ERROR_LOCAL_PASSWORDFILE_CANNOT_OPEN:
retCode = 4;
pszErrorMsg = "Could not open password file.\nVerify the path is correct.";
break;
case ERROR_LOCAL_PASSWORDFILE_CANNOT_READ:
retCode = 5;
pszErrorMsg = "Problem reading password file.\nVerify contents of password file.";
break;
case ERROR_LOCAL_PASSWORD_EMPTY:
retCode = 6;
pszErrorMsg = "Invalid password; password cannot be empty.";
break;
case ERROR_CANNOT_CONNECT_VMAFD:
retCode = 20;
pszErrorMsg = "Could not connect to the local service VMware AFD.\nVerify VMware AFD is running.";
break;
case VMDIR_ERROR_CANNOT_CONNECT_VMDIR:
retCode = 21;
pszErrorMsg = "Could not connect to the local service VMware Directory Service.\nVerify VMware Directory Service is running.";
break;
case ERROR_INVALID_CONFIGURATION:
retCode = 22;
pszErrorMsg = "Configuration is not correct.\nFirst boot scripts need to be executed.";
break;
case VMDIR_ERROR_SERVER_DOWN:
retCode = 23;
pszErrorMsg = "Could not connect to VMware Directory Service via LDAP.\nVerify VMware Directory Service is running on the appropriate system and is reachable from this host.";
break;
case VMDIR_ERROR_USER_INVALID_CREDENTIAL:
retCode = 24;
pszErrorMsg = "Authentication to VMware Directory Service failed.\nVerify the username and password.";
break;
case ERROR_ACCESS_DENIED:
retCode = 25;
pszErrorMsg = "Authorization failed.\nVerify account has proper administrative privileges.";
break;
case VMDIR_ERROR_SCHEMA_NOT_COMPATIBLE:
retCode = 26;
pszErrorMsg = "Could not join to the remote service VMWare Directory Service.\nThe remote schema is incompatible with the local schema.";
break;
default:
retCode = 1;
}
if (bLogInitialized)
{
if (pszErrorMsg == NULL)
{
VmAfdLog(VMAFD_DEBUG_ANY, "Vdcpromo failed. Error[%d]", dwError);
}
else
{
VmAfdLog(VMAFD_DEBUG_ANY, "Vdcpromo failed. Error[%d]\n%s", dwError, pszErrorMsg);
}
}
if (pszErrorMsg == NULL)
{
if (!VmAfdGetErrorString(dwError, &pszErrorDesc))
{
printf("Vdcpromo failed. Error %d: %s\n", dwError, pszErrorDesc);
}
else
{
printf("Vdcpromo failed. Error %d.\n", dwError);
}
}
else
{
printf("Vdcpromo failed. Error[%d]\n%s\n", dwError, pszErrorMsg);
}
goto cleanup;
}
static
DWORD
VecsCliReadFromFile(
PCSTR pszFilePath,
PSTR *ppszContent
)
{
DWORD dwError = 0;
PSTR pszContent = NULL;
FILE *stream = NULL;
DWORD dwFileSize = 0;
DWORD dwBytesRead = 0;
if (IsNullOrEmptyString(pszFilePath) ||
!ppszContent
)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VmAfdOpenFilePath(pszFilePath, "r", &stream, 0);
if (!stream)
{
fprintf (
stderr,
"Error: Failed to open file [%s] \n",
pszFilePath
);
BAIL_ON_VMAFD_ERROR (dwError);
}
fseek(stream, 0L, SEEK_END);
dwFileSize = ftell(stream);
fseek(stream, 0L, SEEK_SET);
dwError = VmAfdAllocateMemory (
dwFileSize+1,
(PVOID *)&pszContent
);
BAIL_ON_VMAFD_ERROR (dwError);
dwBytesRead = fread(
pszContent,
sizeof(CHAR),
dwFileSize,
stream
);
if (!dwBytesRead)
{
if (ferror(stream))
{
dwError = GetError();
BAIL_ON_VMAFD_ERROR (dwError);
}
}
pszContent[dwBytesRead] = '\0';
*ppszContent = pszContent;
cleanup:
if (stream)
{
fclose(stream);
}
return dwError;
error:
if (pszContent)
{
VMAFD_SAFE_FREE_MEMORY(pszContent);
}
if (ppszContent)
{
*ppszContent = NULL;
}
goto cleanup;
}
DWORD VecsCliGetKeyA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword,
PCSTR pszAlias,
PCSTR pszOutputFilePath,
DWORD dwFormatAsText,
PCSTR pszKeyPassword
)
{
DWORD dwError = 0;
PVECS_STORE pStore = NULL;
PVECS_CERT_ENTRY_A pCertEntry = NULL;
PSTR pszKey = NULL;
FILE *stream = NULL;
if (IsNullOrEmptyString(pszStoreName) ||
IsNullOrEmptyString(pszAlias)
)
{
fprintf (
stderr,
"Error: The store name [%s] or the Alias [%s] is invalid \n",
VMAFD_SAFE_STRING(pszStoreName),
VMAFD_SAFE_STRING(pszAlias)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsOpenCertStoreHA(
pServer,
pszStoreName,
pszPassword,
&pStore
);
BAIL_ON_VECS_CLI_ERROR (dwError, "Failed to open the store.");
dwError = VecsGetEntryByAliasA(
pStore,
pszAlias,
ENTRY_INFO_LEVEL_1,
&pCertEntry
);
BAIL_ON_VMAFD_ERROR (dwError);
if (pCertEntry->entryType == CERT_ENTRY_TYPE_TRUSTED_CERT)
{
fprintf (
stderr,
"Error: No key was found for entry [%s] of type [%s]\n",
pszAlias,
VecsMapEntryType (CERT_ENTRY_TYPE_TRUSTED_CERT)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsGetKeyByAliasA(
pStore,
pszAlias,
pszKeyPassword,
&pszKey
);
BAIL_ON_VMAFD_ERROR (dwError);
if (!(IsNullOrEmptyString(pszOutputFilePath)))
{
dwError = VmAfdOpenFilePath(pszOutputFilePath, "w+", &stream, 0);
BAIL_ON_VMAFD_ERROR (dwError);
}
if (dwFormatAsText)
{
dwError = VecsCliPrintKey(pszKey);
BAIL_ON_VMAFD_ERROR (dwError);
}
if (stream)
{
fprintf(
stream,
"%s\n",
pszKey?pszKey:""
);
fclose(stream);
stream = NULL;
dwError = VmAfdRestrictFilePermissionToSelf(pszOutputFilePath);
BAIL_ON_VMAFD_ERROR(dwError);
}
else if (!dwFormatAsText)
{
fprintf (
stdout,
"%s\n",
pszKey?pszKey:""
);
}
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszKey);
if (pStore)
{
VecsCloseCertStore (pStore);
}
return dwError;
error:
if (stream)
{
fclose(stream);
}
goto cleanup;
}
