3.1.4.41 RRPC_FWQueryAuthenticationSets (Opnum 40)

The RRPC_FWQueryAuthenticationSets (Opnum 40) method requests the server to return all the authentication sets that match the specified query object that are contained in the store referenced by the hPolicy handle. The method returns a linked list of all the authentication set objects. The only method supported is binary version 0x020A.

 unsigned long RRPC_FWQueryAuthenticationSets(
   [in] FW_CONN_HANDLE rpcConnHandle,
   [in] FW_POLICY_STORE_HANDLE hPolicy,
   [in, range(FW_IPSEC_PHASE_INVALID+1, FW_IPSEC_PHASE_MAX-1)] 
     FW_IPSEC_PHASE IPsecPhase,
   [in] PFW_QUERY pQuery,
   [in] unsigned short wFlags,
   [out, ref] unsigned long* pdwNumSets,
   [out] PFW_AUTH_SET2_10* ppAuthSets
 );

rpcConnHandle: This parameter is an RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.

hPolicy: This input parameter is an FW_POLICY_STORE_HANDLE data type. The data type MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method. This handle MUST be of the FW_STORE_TYPE_DYNAMIC store.

IPsecPhase: This parameter specifies the specific IPsec negotiation phase to which this set applies.

pQuery: This parameter represents the query object that the client wants to use to specify which main mode rules MUST be retrieved from the store. The query object MUST be valid, as specified in the definition of the FW_QUERY data type.

wFlags: This parameter is a combination of flags from the FW_ENUM_RULES_FLAGS enumeration, which modifies the behavior of the method and performs operations on the rules before returning them in the linked list.

pdwNumSets: This is an output parameter that, on success, MUST be equal to the number of sets returned.

ppAuthSets: This is an output parameter that on success contains a linked list of FW_AUTH_SET2_10 data types.

Return Values: The method returns 0 if successful; if it fails, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following return values are common.

Return value/code

Description

0x00000005

ERROR_ACCESS_DENIED

The client does not have the required credentials to call the method.

0x00000057

ERROR_INVALID_PARAMETER

One of the parameters of this method is incorrect or is required but not specified. This error can be returned in the following cases:

- One of the required values is not specified.

- The dwProfileFilter parameter contains invalid profiles.

Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.

The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.