/*
 * Build the full path of the certificate database file.
 *
 * The base directory reported by VecsSrvGetDBBasePath() and the constant
 * VMAFD_CERT_DB_FILE are joined with "%s%s", i.e. no path separator is
 * inserted here; one of the two components has to supply it.
 *
 * ppszDbPath  receives the newly allocated path on success (ownership passes
 *             to the caller) and is reset to NULL on failure. It must not be
 *             NULL: the success path stores through it unconditionally, only
 *             the error path checks it first.
 *
 * Returns 0 on success, otherwise the error code of the helper that failed.
 */
static
DWORD
VmAfdGetDbPath(
    PSTR *ppszDbPath
    )
{
    DWORD dwError = 0;
    DWORD dwBufLen = 0;
    PSTR  pszBaseDir = NULL;
    PSTR  pszFullPath = NULL;

    dwError = VecsSrvGetDBBasePath(&pszBaseDir);
    BAIL_ON_VMAFD_ERROR(dwError);

    /* Both components plus one byte for the terminating NUL. */
    dwBufLen = VmAfdStringLenA(pszBaseDir) +
               VmAfdStringLenA(VMAFD_CERT_DB_FILE) +
               1;

    dwError = VmAfdAllocateMemory(dwBufLen, (PVOID *)&pszFullPath);
    BAIL_ON_VMAFD_ERROR(dwError);

    dwError = VmAfdStringPrintFA(
                    pszFullPath,
                    dwBufLen,
                    "%s%s",
                    pszBaseDir,
                    VMAFD_CERT_DB_FILE);
    BAIL_ON_VMAFD_ERROR(dwError);

    /* Hand the buffer over; it is not released on the way out. */
    *ppszDbPath = pszFullPath;

cleanup:

    /* The base directory is only an intermediate value. */
    VMAFD_SAFE_FREE_STRINGA(pszBaseDir);

    return dwError;

error:

    /* Release the partially built path and leave no stale pointer behind. */
    VMAFD_SAFE_FREE_STRINGA(pszFullPath);

    if (ppszDbPath)
    {
        *ppszDbPath = NULL;
    }

    goto cleanup;
}
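/*
 * Determine the name under which the Lotus server is addressed.
 *
 * If pszServerName is in IP format, use it as Lotus Server Name.
 * If pszServerName is NOT "localhost", which means the caller specified a
 * name they prefer, use it as the Lotus Server Name.
 *
 * Otherwise, derive the FQDN from the existing network naming configuration,
 * i.e. call gethostname and then perform a forward+reverse lookup to derive
 * the FQDN as Lotus Server Name. The forward+reverse lookup is for Kerberos
 * naming consistency between the server (Lotus) and its clients, which could
 * be Lotus or open source, e.g. openldap.
 * However, this automatic name resolution is error-prone, because the system
 * could have multiple interfaces defined and we have no idea which interface
 * to pick for the reverse lookup. Thus the best chance to get Kerberos
 * working is for the customer to provide a proper FQDN as Lotus Server Name.
 *
 * A name that is neither an IPv4 nor an IPv6 literal and does not already end
 * in '.' gets a trailing '.' appended; IP literals and names that already end
 * in '.' are returned unchanged.
 *
 * pszServerName    preferred server name, IP address, or "localhost" to
 *                  request automatic derivation; must not be NULL.
 * ppOutServerName  receives a newly allocated string on success (ownership
 *                  passes to the caller) and is reset to NULL on failure;
 *                  must not be NULL.
 *
 * Returns 0 on success, ERROR_INVALID_PARAMETER if either argument is NULL,
 * otherwise the error code of the helper that failed.
 *
 * NOTE(review): a caller-supplied name is copied as-is; no syntax or length
 * validation is visible in this function, and the name is written to the log
 * verbatim. Confirm that callers validate it before it is used for Kerberos
 * naming.
 */
static
DWORD
VmAfSrvGetLotusServerName(
    PCSTR   pszServerName,
    PSTR*   ppOutServerName
    )
{
    DWORD dwError = 0;
    PSTR  pszHostnameCanon = NULL;
    PSTR  pszLocalHostName = NULL;
    PSTR  pszFQDN = NULL;

    if ( !pszServerName || !ppOutServerName )
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    /* The third argument is presumably the case-sensitivity flag, which would
     * make this a case-insensitive match on "localhost"; confirm against
     * VmAfdStringCompareA. */
    if ( VmAfdStringCompareA( pszServerName, "localhost", FALSE ) != 0 )
    {
        /* Caller provides the preferred Lotus Server Name or IP. */
        dwError = VmAfdAllocateStringA( pszServerName, &pszHostnameCanon );
        BAIL_ON_VMAFD_ERROR(dwError);
    }
    else
    {
        /* Caller does NOT specify a preferred Lotus Server Name; derive it
         * from the local host name. The result depends on what the resolver
         * answers, see the caveat in the header comment. */
        dwError = VmAfdGetHostName(&pszLocalHostName);
        BAIL_ON_VMAFD_ERROR(dwError);

        dwError = VmAfdGetCanonicalHostName(pszLocalHostName, &pszHostnameCanon);
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    /* The [length - 1] index below relies on this check rejecting an empty
     * string. */
    BAIL_ON_VMAFD_EMPTY_STRING(pszHostnameCanon, dwError);

    if (!VmAfdCheckIfIPV4AddressA(pszHostnameCanon) &&
        !VmAfdCheckIfIPV6AddressA(pszHostnameCanon) &&
        pszHostnameCanon[VmAfdStringLenA(pszHostnameCanon) - 1] != '.')
    {
        /* Host name without a trailing dot: append one. */
        dwError = VmAfdAllocateStringPrintf(
                        &pszFQDN,
                        "%s.",
                        pszHostnameCanon);
        BAIL_ON_VMAFD_ERROR(dwError);
    }
    else
    {
        /* IP literal or name already ending in '.': transfer ownership so the
         * cleanup path does not free the string that is returned. */
        pszFQDN = pszHostnameCanon;
        pszHostnameCanon = NULL;
    }

    *ppOutServerName = pszFQDN;

    VmAfdLog(VMAFD_DEBUG_ANY, "Lotus server name: (%s)", *ppOutServerName);

cleanup:

    VMAFD_SAFE_FREE_MEMORY(pszHostnameCanon);
    /* Fix: the local host name obtained in the "localhost" branch was never
     * released, leaking one allocation per call on both the success and the
     * error path. */
    VMAFD_SAFE_FREE_MEMORY(pszLocalHostName);

    return dwError;

error:

    /* Fix: leave no stale pointer in the out-parameter on failure, matching
     * VmAfdGetDbPath. The pointer itself is NULL in the invalid-parameter
     * case, hence the guard. */
    if (ppOutServerName)
    {
        *ppOutServerName = NULL;
    }

    VMAFD_SAFE_FREE_MEMORY(pszFQDN);

    /* Fix: pszServerName is NULL when the parameter check above fails; do not
     * pass a NULL pointer to a %s conversion. */
    VmAfdLog(VMAFD_DEBUG_ANY, "%s failed (%s). Error(%u)", __FUNCTION__,
             pszServerName ? pszServerName : "(null)", dwError);

    goto cleanup;
}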