windows-server-2003/inetcore/urlmon/zones/secmgr.h

//  File:       secmgr.h
//
//  Contents:   The object that implements the base IInternetSecurityManager interface
//
//  Classes:    CSecurityManager
//
//  Functions:
//
//  History: 
//
//----------------------------------------------------------------------------

#ifndef _SECMGR_H_
#define _SECMGR_H_

#pragma warning(disable:4200)

#define MAX_SEC_MGR_CACHE   4
#define URLZONE_INVALID     URLZONE_USER_MAX+1

#define MUTZ_NOCACHE    0x80000000  // start private flags from high end

#define TSZMICROSOFTPATH                  TEXT("Software\\Microsoft")
#define TSZIEPATH                               TSZMICROSOFTPATH TEXT("\\Internet Explorer")
#define REGSTR_PATH_IE_MAIN                 TSZIEPATH TEXT("\\Main")
#define REGVAL_TRUSTDLG_ENABLED             TEXT("DisplayTrustAlertDlg")

// private function only exported by ordinal:
#define SHOWURLINNEWBROWSERINSTANCE_ORDINAL    230       
typedef HRESULT (STDAPICALLTYPE * SHOWURLINNEWBROWSERINSTANCE)(LPCWSTR);
    
struct ZONEMAP_COMPONENTS;

struct RANGE_ITEM
{
    BYTE  bLow[4];    // high byte values for range
    BYTE  bHigh[4];   // low byte values for range
    TCHAR szName[1];  // actually variable length
};

// This structure is used to exchange data between the security manager 
// and the dialog proc's.
struct DlgData 
{
    DWORD dwAction;
    DWORD dwZone;
    LPCWSTR pstr;
    DWORD dwFlags;

    // TrustAlertDialogProc use:
    IInternetSecurityManager *pSecurityManager;
    BOOL bFromShdocvw;
};

typedef DlgData * LPDLGDATA;

class CSecurityManager : public IInternetSecurityManager
{
public:
    // IUnknown methods
    STDMETHODIMP QueryInterface(REFIID iid, void **ppvObj);
    STDMETHODIMP_(ULONG) AddRef(void);
    STDMETHODIMP_(ULONG) Release(void);

    STDMETHODIMP MapUrlToZone( 
        /* [in] */ LPCWSTR pwszUrl,
        /* [out] */ DWORD *pdwZone,
        /* [in] */ DWORD dwReserved);

    STDMETHODIMP GetSecurityId( 
        /* [in] */ LPCWSTR pwszUrl,
        /* [size_is][out] */ BYTE* pbSecurityId,
        /* [out][in] */ DWORD *pcbSecurityId,
        /* [in] */ DWORD_PTR dwReserved);
        
    STDMETHODIMP ProcessUrlAction( 
        /* [in] */ LPCWSTR pwszUrl,
        /* [in] */ DWORD dwAction,
        /* [size_is][out] */ BYTE *pPolicy,
        /* [in] */ DWORD cbPolicy,
        /* [in] */ BYTE *pContext,
        /* [in] */ DWORD cbContext,
        /* [in] */ DWORD dwFlags,
        /* [in] */ DWORD dwReserved);
        
    STDMETHODIMP QueryCustomPolicy(
        /* [in] */ LPCWSTR     pwszUrl,
        /* [in] */ REFGUID     guidKey,
        /* [size_is][size_is][out] */ BYTE **ppPolicy,
        /* [out] */ DWORD *pcbPolicy,
        /* [in] */ BYTE *pContext,
        /* [in] */ DWORD cbContext,
        /* [in] */ DWORD dwReserved
    );

    STDMETHODIMP SetSecuritySite(
        /* [in] */  IInternetSecurityMgrSite *pSite
    );

    STDMETHODIMP GetSecuritySite(
        /* [out] */  IInternetSecurityMgrSite **ppSite
    );

    STDMETHODIMP SetZoneMapping( 
        /* [in] */ DWORD dwZone,
        /* [in] */ LPCWSTR lpszPattern,
        /* [in] */ DWORD dwFlags);
    
    STDMETHODIMP GetZoneMappings( 
        /* [in] */ DWORD dwZone,
        /* [out] */ IEnumString **ppEnumString,
        /* [in] */ DWORD dwFlags);

// Constructors/destructors
public:
    CSecurityManager(IUnknown *pUnkOuter, IUnknown **ppUnkInner);
    virtual ~CSecurityManager();

    static BOOL GlobalInit( ) ;
            
    static BOOL GlobalCleanup( );


// Aggregation and RefCount support.
protected:
    CRefCount m_ref;
        
    class CPrivUnknown : public IUnknown
    {
    public:
        STDMETHOD(QueryInterface) ( REFIID riid, LPVOID FAR* ppvObj);
        STDMETHOD_(ULONG,AddRef) (void);
        STDMETHOD_(ULONG,Release) (void);

        ~CPrivUnknown() {}
        CPrivUnknown() : m_ref () {}

    private:
        CRefCount   m_ref;          // the total refcount of this object
    };

    friend class CPrivUnknown;
    CPrivUnknown m_Unknown;

    IUnknown*   m_pUnkOuter;

    STDMETHODIMP_(ULONG) PrivAddRef()
    {
        return m_Unknown.AddRef();
    }
    STDMETHODIMP_(ULONG) PrivRelease()
    {
        return m_Unknown.Release();
    }

protected:

    BOOL EnsureZoneManager();
    VOID PickZCString(ZONEMAP_COMPONENTS *pzc, LPCWSTR *ppwsz, DWORD *pcch, LPCWSTR pwszDocDomain);

    // Helper methods to deal with IP Rules
    HRESULT ReadAllIPRules( );
    HRESULT AddDeleteIPRule(ZONEMAP_COMPONENTS *pzc, DWORD dwZone, DWORD dwFlags);

    // helper methods to do GetZoneMappings.
    HRESULT AddUrlsToEnum(CRegKey *pRegKey, DWORD dwZone, LPCTSTR lpsz, int cch, BOOL bAddWildCard, CEnumString *);
    HRESULT AddIPRulesToEnum(DWORD dwZone, CEnumString *);

    static HRESULT ComposeUrlSansProtocol(LPCTSTR pszDomain, int cchDomain, LPCTSTR pszSite, int cchSite,
                                        LPTSTR * ppszRet, int * cchRet);
    static HRESULT ComposeUrl(LPCTSTR pszUrlSansProt, int cchUrlSansProt, LPCTSTR pszProt, int cchProt, BOOL bAddWildCard,
                                LPTSTR * ppszRet, int * cchRet);

protected:  // UI related definitions.

    enum    { MAX_ALERT_SIZE = 256 };
    // Return values from DialogProc's
    enum  {  ZALERT_NO = 0 /* should be 0*/ , ZALERT_YES, ZALERT_YESPERSIST };

    // helper methods to display generic UI.
    static DWORD GetAlertIdForAction(DWORD dwAction);
    static DWORD GetWarnIdForAction(DWORD dwAction);

    // Dialog proc's etc.
    static BOOL    IsScriptOrActiveXHardenedInternet(DWORD dwAction, DWORD dwPermissions, DWORD dwZone);
    static BOOL    IsSiteInZone(LPCWSTR pszUrl, DWORD dwZone, IInternetSecurityManager *pSecMgr);
    static BOOL    ShowAddToSitesList(HWND hwnd, LPCWSTR pszUrl, DWORD dwZone);
    static HWND    SetControlText(HWND hDlg, UINT ctrlID, DWORD dwStrId, LPCWSTR pszDomain = NULL);
    static BOOL    IsHostedInIE(IUnknown* punk);
    static BOOL     IsBrowserHosted();
    static void     ShowUrlInNewBrowserInstance(LPCWSTR pwszUrl);

public:
    static INT_PTR TrustAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam);

protected:
    static INT_PTR ZonesAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); 
    static INT_PTR ZonesWarnDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); 

    static inline BOOL IsFormsSubmitAction(DWORD dwAction);

    static INT_PTR FormsAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam);
                
    INT CSecurityManager::ShowFormsAlertDialog(HWND hwndParent, LPDLGDATA lpDlgData);

protected: 
    // Methods to help Map a URL to a zone. 

    HRESULT MapUrlToZone
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, DWORD dwFlags, BOOL *pfMarked = NULL, LPWSTR *ppszURLMark = NULL);

    HRESULT WrapMapUrlToZone(LPCWSTR pwszSecUrl, ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, DWORD dwFlags,
                                BOOL *pfMarked, LPWSTR *ppszMarkURL);

    HRESULT CheckAddressAgainstRanges
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt);

    HRESULT CheckSiteAndDomainMappings
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt, BOOL fCheckHardenKey = FALSE);

    HRESULT CheckUNCAsIntranet
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt);

    HRESULT CheckIntranetName
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt);

    HRESULT CheckProxyBypassRule
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt);

    HRESULT CheckMKURL
        (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt);

protected:
    // Class to remember persistent actions.
    class CPersistAnswers 
    {
    public:
            CPersistAnswers( ) : m_pAnswerEntry(NULL) { };
            ~CPersistAnswers( );

    public:
       BOOL GetPrevAnswer(LPCWSTR pszUrl, DWORD dwAction, INT* piAnswer);
        VOID RememberAnswer(LPCWSTR pszUrl, DWORD dwAction, INT iAnswer);
        static inline BOOL IsPersistentAnswerAction(DWORD dwAction);

    private:                            
        struct CAnswerEntry 
        {
            // Construction
            CAnswerEntry(LPCWSTR pszUrl, DWORD dwAction, INT iAnswer);
            ~CAnswerEntry( );

            // Methods.
            BOOL MatchEntry (LPCWSTR pszUrl, DWORD dwAction);
            INT GetAnswer( ) const { return m_iAnswer; }
            LPCWSTR GetUrl( ) const { return m_pszUrl; }
            CAnswerEntry * GetNext( ) const { return m_pNext; }
            VOID SetNext(CAnswerEntry * pNext) { m_pNext = pNext; }

            private:
            CAnswerEntry * m_pNext;
            LPWSTR m_pszUrl;
            DWORD  m_dwAction;
            INT    m_iAnswer;
        };

        CAnswerEntry* m_pAnswerEntry;
    };

    CPersistAnswers m_persistAnswers;

// Methods/members to support caching so we optimize MapUrlToZone, etc.
protected:

    class CSecMgrCache {
    public:
        CSecMgrCache(void);
        ~CSecMgrCache(void);

        BOOL Lookup(LPCWSTR pwszURL,
                    DWORD *pdwZone = NULL,
                    BOOL *pfMarked = NULL,
                    BYTE *pbSecurityID = NULL,
                    DWORD *pcbSecurityID = NULL, 
                    LPCWSTR pwszDocDomain = NULL);
        void Add(LPCWSTR pwszURL,
                 DWORD dwZone,
                 BOOL fMarked,
                 const BYTE *pbSecurityID = NULL,
                 DWORD cbSecurityID = NULL,
                 LPCWSTR pwszDocDomain = NULL );
        void Flush(void);

        static VOID IncrementGlobalCounter( );

    protected:

        // Counters to flag cross-process cache invalidation.
        DWORD         m_dwPrevCounter ; // Global counter so we can correctly invalidate the cache if 
                                        // user changes options.
        static HANDLE s_hMutexCounter;  // mutex controlling access to shared memory counter 
 
        BOOL IsCounterEqual() const;
        VOID SetToCurrentCounter();

        // The body of the cache is this array of cache entries.
        // Cross-thread access control for the array is by critical section.

        CRITICAL_SECTION m_csectZoneCache; // assumes only one, static instance of the cache 


        struct CSecMgrCacheEntry {
            CSecMgrCacheEntry(void) :
                m_pwszURL(NULL),
                m_pbSecurityID(NULL),
                m_cbSecurityID(NULL),
                m_dwZone(URLZONE_INVALID),
                m_fMarked(FALSE),
                m_pwszDocDomain(NULL) {};
            ~CSecMgrCacheEntry(void) { Flush(); };

            void Set(LPCWSTR pwszURL, DWORD dwZone, BOOL fMarked, 
                    const BYTE *pbSecurityID, DWORD cbSecurityID, LPCWSTR pwszDocDomain);
            void Flush(void);
            
            LPWSTR  m_pwszURL;
            BYTE*   m_pbSecurityID;
            DWORD   m_cbSecurityID;
            DWORD   m_dwZone;
            BOOL    m_fMarked;
            LPWSTR  m_pwszDocDomain;
        }; // CSecMgrCacheEntry

        CSecMgrCacheEntry   m_asmce[MAX_SEC_MGR_CACHE];
        int                 m_iAdd;         // index in m_asmce to add the next element

        BOOL FindCacheEntry( LPCWSTR pwszURL, int& riEntry ); // must be called under critical section.

    }; // CSecMgrCache

    static CSecMgrCache s_smcache;

protected:
    // Methods to manage List of Allowed ActiveX controls

    static BOOL EnsureListReady(BOOL bForce = FALSE);
    static void IntializeAllowedControls();
    static HRESULT GetControlPermissions(BYTE * raw_CLSID, DWORD & dwPerm);

    // Get the final decision on the whether to run a CLSID (for this zone, etc)
    static HRESULT GetActiveXRunPermissions(BYTE * raw_CLSID, DWORD & dwPerm);

public:
    static VOID IncrementGlobalCounter( );

private:
    IInternetSecurityMgrSite*   m_pSite;
    IInternetZoneManager* m_pZoneManager;
    IInternetSecurityManager* m_pDelegateSecMgr;

    CRegKey m_regZoneMap;
    BOOL    m_fHardened;


    // Static members to do remember the correct IP Ranges.
    static BOOL   s_bIPInit;     // have we read the IP ranges. 
    static BYTE*  s_pRanges;     // array of range items
    static DWORD  s_cNumRanges;  // number of range items
    static DWORD  s_cbRangeItem; // size of each range item
    static DWORD  s_dwNextRangeIndex; // Next index to use to add numbers in the range entry.

    static CRITICAL_SECTION s_csectIP; // crit section to protect it all. 
    static BOOL s_bcsectInit;
    static CLSID * s_clsidAllowedList;
    static CRITICAL_SECTION s_csectAList;
    static DWORD s_dwNumAllowedControls;
};

#pragma warning(default:4200)

#endif // _SECMGR_H_