// File: secmgr.h // // Contents: The object that implements the base IInternetSecurityManager interface // // Classes: CSecurityManager // // Functions: // // History: // //---------------------------------------------------------------------------- #ifndef _SECMGR_H_ #define _SECMGR_H_ #pragma warning(disable:4200) #define MAX_SEC_MGR_CACHE 4 #define URLZONE_INVALID URLZONE_USER_MAX+1 #define MUTZ_NOCACHE 0x80000000 // start private flags from high end #define TSZMICROSOFTPATH TEXT("Software\\Microsoft") #define TSZIEPATH TSZMICROSOFTPATH TEXT("\\Internet Explorer") #define REGSTR_PATH_IE_MAIN TSZIEPATH TEXT("\\Main") #define REGVAL_TRUSTDLG_ENABLED TEXT("DisplayTrustAlertDlg") // private function only exported by ordinal: #define SHOWURLINNEWBROWSERINSTANCE_ORDINAL 230 typedef HRESULT (STDAPICALLTYPE * SHOWURLINNEWBROWSERINSTANCE)(LPCWSTR); struct ZONEMAP_COMPONENTS; struct RANGE_ITEM { BYTE bLow[4]; // high byte values for range BYTE bHigh[4]; // low byte values for range TCHAR szName[1]; // actually variable length }; // This structure is used to exchange data between the security manager // and the dialog proc's. struct DlgData { DWORD dwAction; DWORD dwZone; LPCWSTR pstr; DWORD dwFlags; // TrustAlertDialogProc use: IInternetSecurityManager *pSecurityManager; BOOL bFromShdocvw; }; typedef DlgData * LPDLGDATA; class CSecurityManager : public IInternetSecurityManager { public: // IUnknown methods STDMETHODIMP QueryInterface(REFIID iid, void **ppvObj); STDMETHODIMP_(ULONG) AddRef(void); STDMETHODIMP_(ULONG) Release(void); STDMETHODIMP MapUrlToZone( /* [in] */ LPCWSTR pwszUrl, /* [out] */ DWORD *pdwZone, /* [in] */ DWORD dwReserved); STDMETHODIMP GetSecurityId( /* [in] */ LPCWSTR pwszUrl, /* [size_is][out] */ BYTE* pbSecurityId, /* [out][in] */ DWORD *pcbSecurityId, /* [in] */ DWORD_PTR dwReserved); STDMETHODIMP ProcessUrlAction( /* [in] */ LPCWSTR pwszUrl, /* [in] */ DWORD dwAction, /* [size_is][out] */ BYTE *pPolicy, /* [in] */ DWORD cbPolicy, /* [in] */ BYTE *pContext, /* [in] */ DWORD cbContext, /* [in] */ DWORD dwFlags, /* [in] */ DWORD dwReserved); STDMETHODIMP QueryCustomPolicy( /* [in] */ LPCWSTR pwszUrl, /* [in] */ REFGUID guidKey, /* [size_is][size_is][out] */ BYTE **ppPolicy, /* [out] */ DWORD *pcbPolicy, /* [in] */ BYTE *pContext, /* [in] */ DWORD cbContext, /* [in] */ DWORD dwReserved ); STDMETHODIMP SetSecuritySite( /* [in] */ IInternetSecurityMgrSite *pSite ); STDMETHODIMP GetSecuritySite( /* [out] */ IInternetSecurityMgrSite **ppSite ); STDMETHODIMP SetZoneMapping( /* [in] */ DWORD dwZone, /* [in] */ LPCWSTR lpszPattern, /* [in] */ DWORD dwFlags); STDMETHODIMP GetZoneMappings( /* [in] */ DWORD dwZone, /* [out] */ IEnumString **ppEnumString, /* [in] */ DWORD dwFlags); // Constructors/destructors public: CSecurityManager(IUnknown *pUnkOuter, IUnknown **ppUnkInner); virtual ~CSecurityManager(); static BOOL GlobalInit( ) ; static BOOL GlobalCleanup( ); // Aggregation and RefCount support. protected: CRefCount m_ref; class CPrivUnknown : public IUnknown { public: STDMETHOD(QueryInterface) ( REFIID riid, LPVOID FAR* ppvObj); STDMETHOD_(ULONG,AddRef) (void); STDMETHOD_(ULONG,Release) (void); ~CPrivUnknown() {} CPrivUnknown() : m_ref () {} private: CRefCount m_ref; // the total refcount of this object }; friend class CPrivUnknown; CPrivUnknown m_Unknown; IUnknown* m_pUnkOuter; STDMETHODIMP_(ULONG) PrivAddRef() { return m_Unknown.AddRef(); } STDMETHODIMP_(ULONG) PrivRelease() { return m_Unknown.Release(); } protected: BOOL EnsureZoneManager(); VOID PickZCString(ZONEMAP_COMPONENTS *pzc, LPCWSTR *ppwsz, DWORD *pcch, LPCWSTR pwszDocDomain); // Helper methods to deal with IP Rules HRESULT ReadAllIPRules( ); HRESULT AddDeleteIPRule(ZONEMAP_COMPONENTS *pzc, DWORD dwZone, DWORD dwFlags); // helper methods to do GetZoneMappings. HRESULT AddUrlsToEnum(CRegKey *pRegKey, DWORD dwZone, LPCTSTR lpsz, int cch, BOOL bAddWildCard, CEnumString *); HRESULT AddIPRulesToEnum(DWORD dwZone, CEnumString *); static HRESULT ComposeUrlSansProtocol(LPCTSTR pszDomain, int cchDomain, LPCTSTR pszSite, int cchSite, LPTSTR * ppszRet, int * cchRet); static HRESULT ComposeUrl(LPCTSTR pszUrlSansProt, int cchUrlSansProt, LPCTSTR pszProt, int cchProt, BOOL bAddWildCard, LPTSTR * ppszRet, int * cchRet); protected: // UI related definitions. enum { MAX_ALERT_SIZE = 256 }; // Return values from DialogProc's enum { ZALERT_NO = 0 /* should be 0*/ , ZALERT_YES, ZALERT_YESPERSIST }; // helper methods to display generic UI. static DWORD GetAlertIdForAction(DWORD dwAction); static DWORD GetWarnIdForAction(DWORD dwAction); // Dialog proc's etc. static BOOL IsScriptOrActiveXHardenedInternet(DWORD dwAction, DWORD dwPermissions, DWORD dwZone); static BOOL IsSiteInZone(LPCWSTR pszUrl, DWORD dwZone, IInternetSecurityManager *pSecMgr); static BOOL ShowAddToSitesList(HWND hwnd, LPCWSTR pszUrl, DWORD dwZone); static HWND SetControlText(HWND hDlg, UINT ctrlID, DWORD dwStrId, LPCWSTR pszDomain = NULL); static BOOL IsHostedInIE(IUnknown* punk); static BOOL IsBrowserHosted(); static void ShowUrlInNewBrowserInstance(LPCWSTR pwszUrl); public: static INT_PTR TrustAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); protected: static INT_PTR ZonesAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); static INT_PTR ZonesWarnDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); static inline BOOL IsFormsSubmitAction(DWORD dwAction); static INT_PTR FormsAlertDialogProc(HWND hDlg, UINT iMsg, WPARAM wParam, LPARAM lParam); INT CSecurityManager::ShowFormsAlertDialog(HWND hwndParent, LPDLGDATA lpDlgData); protected: // Methods to help Map a URL to a zone. HRESULT MapUrlToZone (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, DWORD dwFlags, BOOL *pfMarked = NULL, LPWSTR *ppszURLMark = NULL); HRESULT WrapMapUrlToZone(LPCWSTR pwszSecUrl, ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, DWORD dwFlags, BOOL *pfMarked, LPWSTR *ppszMarkURL); HRESULT CheckAddressAgainstRanges (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt); HRESULT CheckSiteAndDomainMappings (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt, BOOL fCheckHardenKey = FALSE); HRESULT CheckUNCAsIntranet (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt); HRESULT CheckIntranetName (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt); HRESULT CheckProxyBypassRule (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt); HRESULT CheckMKURL (ZONEMAP_COMPONENTS* pzc, DWORD* pdwZone, LPCTSTR pszProt); protected: // Class to remember persistent actions. class CPersistAnswers { public: CPersistAnswers( ) : m_pAnswerEntry(NULL) { }; ~CPersistAnswers( ); public: BOOL GetPrevAnswer(LPCWSTR pszUrl, DWORD dwAction, INT* piAnswer); VOID RememberAnswer(LPCWSTR pszUrl, DWORD dwAction, INT iAnswer); static inline BOOL IsPersistentAnswerAction(DWORD dwAction); private: struct CAnswerEntry { // Construction CAnswerEntry(LPCWSTR pszUrl, DWORD dwAction, INT iAnswer); ~CAnswerEntry( ); // Methods. BOOL MatchEntry (LPCWSTR pszUrl, DWORD dwAction); INT GetAnswer( ) const { return m_iAnswer; } LPCWSTR GetUrl( ) const { return m_pszUrl; } CAnswerEntry * GetNext( ) const { return m_pNext; } VOID SetNext(CAnswerEntry * pNext) { m_pNext = pNext; } private: CAnswerEntry * m_pNext; LPWSTR m_pszUrl; DWORD m_dwAction; INT m_iAnswer; }; CAnswerEntry* m_pAnswerEntry; }; CPersistAnswers m_persistAnswers; // Methods/members to support caching so we optimize MapUrlToZone, etc. protected: class CSecMgrCache { public: CSecMgrCache(void); ~CSecMgrCache(void); BOOL Lookup(LPCWSTR pwszURL, DWORD *pdwZone = NULL, BOOL *pfMarked = NULL, BYTE *pbSecurityID = NULL, DWORD *pcbSecurityID = NULL, LPCWSTR pwszDocDomain = NULL); void Add(LPCWSTR pwszURL, DWORD dwZone, BOOL fMarked, const BYTE *pbSecurityID = NULL, DWORD cbSecurityID = NULL, LPCWSTR pwszDocDomain = NULL ); void Flush(void); static VOID IncrementGlobalCounter( ); protected: // Counters to flag cross-process cache invalidation. DWORD m_dwPrevCounter ; // Global counter so we can correctly invalidate the cache if // user changes options. static HANDLE s_hMutexCounter; // mutex controlling access to shared memory counter BOOL IsCounterEqual() const; VOID SetToCurrentCounter(); // The body of the cache is this array of cache entries. // Cross-thread access control for the array is by critical section. CRITICAL_SECTION m_csectZoneCache; // assumes only one, static instance of the cache struct CSecMgrCacheEntry { CSecMgrCacheEntry(void) : m_pwszURL(NULL), m_pbSecurityID(NULL), m_cbSecurityID(NULL), m_dwZone(URLZONE_INVALID), m_fMarked(FALSE), m_pwszDocDomain(NULL) {}; ~CSecMgrCacheEntry(void) { Flush(); }; void Set(LPCWSTR pwszURL, DWORD dwZone, BOOL fMarked, const BYTE *pbSecurityID, DWORD cbSecurityID, LPCWSTR pwszDocDomain); void Flush(void); LPWSTR m_pwszURL; BYTE* m_pbSecurityID; DWORD m_cbSecurityID; DWORD m_dwZone; BOOL m_fMarked; LPWSTR m_pwszDocDomain; }; // CSecMgrCacheEntry CSecMgrCacheEntry m_asmce[MAX_SEC_MGR_CACHE]; int m_iAdd; // index in m_asmce to add the next element BOOL FindCacheEntry( LPCWSTR pwszURL, int& riEntry ); // must be called under critical section. }; // CSecMgrCache static CSecMgrCache s_smcache; protected: // Methods to manage List of Allowed ActiveX controls static BOOL EnsureListReady(BOOL bForce = FALSE); static void IntializeAllowedControls(); static HRESULT GetControlPermissions(BYTE * raw_CLSID, DWORD & dwPerm); // Get the final decision on the whether to run a CLSID (for this zone, etc) static HRESULT GetActiveXRunPermissions(BYTE * raw_CLSID, DWORD & dwPerm); public: static VOID IncrementGlobalCounter( ); private: IInternetSecurityMgrSite* m_pSite; IInternetZoneManager* m_pZoneManager; IInternetSecurityManager* m_pDelegateSecMgr; CRegKey m_regZoneMap; BOOL m_fHardened; // Static members to do remember the correct IP Ranges. static BOOL s_bIPInit; // have we read the IP ranges. static BYTE* s_pRanges; // array of range items static DWORD s_cNumRanges; // number of range items static DWORD s_cbRangeItem; // size of each range item static DWORD s_dwNextRangeIndex; // Next index to use to add numbers in the range entry. static CRITICAL_SECTION s_csectIP; // crit section to protect it all. static BOOL s_bcsectInit; static CLSID * s_clsidAllowedList; static CRITICAL_SECTION s_csectAList; static DWORD s_dwNumAllowedControls; }; #pragma warning(default:4200) #endif // _SECMGR_H_